Error: Missing resource instance key
│
│ on codepipeline.tf line 213, in resource “aws_iam_policy” “codepipeline”:
│ 213: “Resource”: aws_codestarconnections_connection.github.arn,
│
│ Because aws_codestarconnections_connection.github has “for_each” set, its attributes must be accessed on specific instances.
│
│ For example, to correlate with indices of a referring resource, use:
│ aws_codestarconnections_connection.github[each.key]
resource “aws_codestarconnections_connection” “github” {
for_each = var.app == “enabled” ? toset([“enabled”]) :
name = “${local.project}-codestar-connection”
provider_type = “GitHub”
tags = {
Name = “${local.project}-codestar-connection”
}
}
resource “aws_iam_policy” “codepipeline” {
name = “{local.project}-codepipeline-policy"
path = "/service-role/"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [{
"Sid": "AllowCodeCommitActions",
"Effect": "Allow",
"Action": [
"codecommit:GetCommit",
"codecommit:GetRepository",
"codecommit:GetBranch"
],
"Resource": "{aws_codecommit_repository.app.arn}”
},
{
“Sid”: “AllowCodeStarConnectionActions”,
“Effect”: “Allow”,
“Action”: [
“codestar-connections:UseConnection”
],
“Resource”: aws_codestarconnections_connection.github.arn,
“Condition”: {
“ForAllValues:StringEquals”: {
“codestar-connections:FullRepositoryId”: var.app[“source_repo”]
}
}
},
{
“Sid”: “AllowCodeBuildActions”,
“Effect”: “Allow”,
“Action”: [
“codebuild:StartBuild”,
“codebuild:StartBuildBatch”,
“codebuild:BatchGetBuilds”,
“codebuild:BatchGetBuildBatches”
],
“Resource”: “${aws_codebuild_project.this.arn}”
}
]
}
EOF
}