CodexBloom - Programming Q&A Platform

Terraform: scenarios Applying IAM Role Policy Due to Circular Dependency with Lambda Function

👀 Views: 59 💬 Answers: 1 📅 Created: 2025-06-14
terraform aws iam hcl

I've looked through the documentation and I'm still confused about

Hey everyone, I'm running into an issue that's driving me crazy. I'm working with a scenario with Terraform when trying to apply an IAM role policy that requires a reference to a Lambda function which is defined in the same module. The behavior message I receive is: `behavior: Cycle: aws_iam_role_policy.my_policy, aws_lambda_function.my_function`. It seems to indicate a circular dependency, which I don't quite understand given that I thought Terraform would handle dependencies based on resource references.

Here’s a simplified version of my Terraform configuration:

```hcl
resource "aws_iam_role" "my_role" {
  name = "my_role"

  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Action    = "sts:AssumeRole"
      Principal = { Service = "lambda.amazonaws.com" }
      Effect    = "Allow"
      Sid       = ""
    }]
  })
}

resource "aws_lambda_function" "my_function" {
  function_name    = "my_lambda_function"
  role             = aws_iam_role.my_role.arn
  handler          = "index.handler"
  runtime          = "nodejs14.x"
  source_code_hash = filebase64sha256("lambda.zip")
}

resource "aws_iam_role_policy" "my_policy" {
  name = "my_policy"
  role = aws_iam_role.my_role.id

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect   = "Allow"
      Action   = "lambda:InvokeFunction"
      Resource = aws_lambda_function.my_function.arn
    }]
  })
}
```

From my understanding, the IAM role policy is trying to reference the Lambda function's ARN, but since the Lambda function is also trying to reference the IAM role, it creates a cycle. I tried breaking the references by using local variables for the role ARN and function ARN, but that didn’t resolve the scenario. I've even attempted restructuring the resources to separate the IAM role and policy into another module, yet the cycle seems to continue.

Can someone guide me to understand how to resolve this circular dependency? What strategies can I use to avoid this scenario while keeping the configuration clean and maintainable?
I'm using HCL LTS in this project. I appreciate any insights! This is my first time working with HCL latest. What am I doing wrong? I'm on Windows 11 using the latest version of HCL. Am I approaching this the right way?
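
Added example, not part of the original post: a small Python model of how references between resources become dependency edges, run over the reference-carrying lines of the configuration above. The `depends_on` variant is a constructed assumption showing one kind of extra edge that would close the loop named in the message; the regex parsing is a simplification, not Terraform's own graph builder.

```python
import re

# Reference-carrying lines of the three resources in the post above.
POSTED = '''
resource "aws_iam_role" "my_role" {
  name = "my_role"
}
resource "aws_lambda_function" "my_function" {
  function_name = "my_lambda_function"
  role = aws_iam_role.my_role.arn
}
resource "aws_iam_role_policy" "my_policy" {
  role = aws_iam_role.my_role.id
  policy = jsonencode({ Statement = [{ Resource = aws_lambda_function.my_function.arn }] })
}
'''
# Constructed variant (assumption, not in the post): the function waits for the policy.
WITH_DEPENDS_ON = POSTED.replace(
    'role = aws_iam_role.my_role.arn',
    'role = aws_iam_role.my_role.arn\n  depends_on = [aws_iam_role_policy.my_policy]')

BLOCK = re.compile(r'resource\s+"(\w+)"\s+"(\w+)"\s*\{(.*?)\n\}', re.S)
REF = re.compile(r'\b(aws_\w+\.\w+)')

def dependency_graph(hcl):
    """Map each resource address to the declared resources its body references."""
    bodies = {f"{t}.{n}": body for t, n, body in BLOCK.findall(hcl)}
    return {addr: {r for r in REF.findall(body) if r in bodies and r != addr}
            for addr, body in bodies.items()}

def find_cycle(graph):
    """Depth-first search; returns one cycle as a list of addresses, or None."""
    state = {}  # address -> "open" (on the current path) or "done"
    def visit(node, path):
        state[node] = "open"
        for dep in sorted(graph[node]):
            if state.get(dep) == "open":       # back edge: dep is already on the path
                return path[path.index(dep):] + [dep]
            if dep not in state:
                found = visit(dep, path + [dep])
                if found:
                    return found
        state[node] = "done"
        return None
    for start in sorted(graph):
        if start not in state:
            found = visit(start, [start])
            if found:
                return found
    return None
```

`find_cycle(dependency_graph(POSTED))` and `find_cycle(dependency_graph(WITH_DEPENDS_ON))` can be compared to see which set of edges is acyclic.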