Fix discouraged usage of iam_policy_attachment

The comment above also links to an IAM role policy attachment. https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment is discouraging, pointing out issues/limitations using iam_policy_attachment. This should allow the same functionality
terraform-aws-modules · Aug 12, 2021 · 19047f2 · 19047f2
1 parent 9022013
commit 19047f2
Showing 1 changed file with 2 additions and 3 deletions.
diff --git a/examples/bottlerocket/main.tf b/examples/bottlerocket/main.tf
@@ -57,8 +57,7 @@ EOT
 
 # SSM policy for bottlerocket control container access
 # https://github.com/bottlerocket-os/bottlerocket/blob/develop/QUICKSTART-EKS.md#enabling-ssm
-resource "aws_iam_policy_attachment" "ssm" {
-  name       = "ssm"
-  roles      = [module.eks.worker_iam_role_name]
+resource "aws_iam_role_policy_attachment" "ssm" {
+  roles      = module.eks.worker_iam_role_name
   policy_arn = data.aws_iam_policy.ssm.arn
 }