From c80c92b03b919330031b71865064cfbcec076ee3 Mon Sep 17 00:00:00 2001 From: Nick Simmonds Date: Wed, 31 Jul 2024 17:02:37 -0400 Subject: [PATCH] Error checking for conflicting variables lambda_role is only used if create_role is set to false. Currently, the user can set both, causing confusing behavior when the desired role is not attached and instead a new role is created. --- main.tf | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/main.tf b/main.tf index 855da1a4..4e62807e 100644 --- a/main.tf +++ b/main.tf @@ -22,6 +22,16 @@ locals { } resource "aws_lambda_function" "this" { + + lifecycle { + precondition { + condition = var.create_role && var.lambda_role != [] + error_message = "The 'create_role' and 'lambda_role' variables should not be used together. When creating a role, use 'role_name' to set the name." + # The lambda_role variable should only be used to attach a pre-existing role, and will do nothing + # if create_role is true. + } + } + count = local.create && var.create_function && !var.create_layer ? 1 : 0 function_name = var.function_name