Terraform 0.14 local source = "../" Invalid function Argument

In my working directory inside my main.tf I used the below to reference my local module

module “my-module” {
source = “…/my-module” // local

The relative path is correct and points to the below file.

my-module/local/iam_policy.json

My issue when on Terraform 0.14 is:

Error: Invalid function argument that my lambda function fails because it can not find the file it points to on line 37 which is listed below.

template = file("${path.module}/local/iam_policy.json")

This is running on Terraform 0.13.5 in dev, but when upgrading to Terraform 0.14 I get this error. Please help combed though stack overflow and nothing yet :face_with_monocle:

Hi @Cobra16319,

Can you share the full error message and configuration? With just what you shared we can only guess what might be going on here.

Hi @apparentlymart !

Thanks so much for taking time below is the full error code I recieved.

Error: Invalid function argument

  on ../my-module/lambda.tf line 37, in data "template_file" "iam_policy":
  37:   template = file("${path.module}/local/iam_policy.json")
    |----------------
    | path.module is "../my-module"

Invalid value for "path" parameter: no file exists at
../my-module/local/iam_policy.json; this function works only with files
that are distributed as part of the configuration source code, so if this file
will be created by a resource in this configuration you must instead obtain
this result from an attribute of that resource.`

I upgraded a mirrored enviornment with different permissions and was able to run my code with TF 0.14…

I am more curious on how or what this error means. My guess now for the community is it had to do with permissions? Here was my Lambda.tf portion of my IAM role and template I used that I think may have caused this strange error…

resource "aws_iam_role" "lambda_iam_role" {
  name               = var.lambda_role_name
  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "lambda.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}
EOF

  tags = merge(local.common_tags, {})
}

resource "aws_iam_policy" "iam_policy" {
  name   = var.lambda_role_name
  policy = data.template_file.iam_policy.rendered
}

resource "aws_iam_role_policy_attachment" "iam_policy_attachment" {
  depends_on = [
    aws_iam_role.lambda_iam_role,
    aws_iam_policy.iam_policy
  ]

  role       = aws_iam_role.lambda_iam_role.name
  policy_arn = aws_iam_policy.iam_policy.arn
}

data "template_file" "iam_policy" {
  template = file("${path.module}/local/iam_policy.json")
  vars = {
    account_id       = var.account_id
    region           = var.region
    bucket_name      = var.bucket_name
    lambda_role_name = var.lambda_role_name
  }
}

Hi @Cobra16319,

The message itself means that the file function found that there was no file at the path you specified. Since I can’t see your filesystem I can’t say whether that is true, but the first thing I would try here is to access the path given in the error message outside of Terraform to see if it exists. For example, if you are using a Unix system:

cat …/my-module/local/iam_policy.json

(I assume you’ve edited out a path prefix and replaced it with … for sharing here. If so, be sure to use the actual path in the error message rather than this modified version.)

If a command like this cat command above succeeds but Terraform does not then that would suggest that something strange is happening which we can dig into further. But what I’m hoping for is that it will also fail and hopefully give a clue as to why the file is inaccessible.

1 Like

Hi @apparentlymart

This is a great write up and anaylis.

I did this exact thing at the time of the error.

Since I fixed it on another enviornment I plan to go back maybe later tonight and try to re-create the issue and pull it down from git again and test if it was a directory error with the path.

Let’s leave this open and I will drop in later and share the results of the test. Thanks so much!

I was able to confirm

cat …/my-module/local/iam_policy.json

Works and directory was intact. I think it was a permission issue.