Fix discouraged usage of iam_policy_attachment

Phileas Lebada · web-flow · commit 19047f28d9c8 · 2021-08-12T15:52:57.000+02:00
The comment above also links to an IAM role policy attachment. https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy_attachment is discouraging, pointing out issues/limitations using iam_policy_attachment. This should allow the same functionality
diff --git a/examples/bottlerocket/main.tf b/examples/bottlerocket/main.tf
@@ -57,8 +57,7 @@ EOT
 
 # SSM policy for bottlerocket control container access
 # https://github.com/bottlerocket-os/bottlerocket/blob/develop/QUICKSTART-EKS.md#enabling-ssm
-resource "aws_iam_policy_attachment" "ssm" {
-  name       = "ssm"
-  roles      = [module.eks.worker_iam_role_name]
+resource "aws_iam_role_policy_attachment" "ssm" {
+  roles      = module.eks.worker_iam_role_name
   policy_arn = data.aws_iam_policy.ssm.arn
 }
