Updated code to fix the bug and improved code style

iam.tf

@@ -3,8 +3,8 @@ locals {
 
   # Lambda@Edge uses the Cloudwatch region closest to the location where the function is executed
   # The region part of the LogGroup ARN is then replaced with a wildcard (*) so Lambda@Edge is able to log in every region
-  log_group_arn_regional = element(concat(data.aws_cloudwatch_log_group.lambda.*.arn, aws_cloudwatch_log_group.lambda.*.arn, [""]), 0)
-  log_group_name         = element(concat(data.aws_cloudwatch_log_group.lambda.*.name, aws_cloudwatch_log_group.lambda.*.name, [""]), 0)
+  log_group_arn_regional = try(data.aws_cloudwatch_log_group.lambda[0].arn, aws_cloudwatch_log_group.lambda[0].arn, "")
+  log_group_name         = try(data.aws_cloudwatch_log_group.lambda[0].name, aws_cloudwatch_log_group.lambda[0].name, "")
   log_group_arn          = local.create_role && var.lambda_at_edge ? format("arn:%s:%s:%s:%s:%s", data.aws_arn.log_group_arn[0].partition, data.aws_arn.log_group_arn[0].service, "*", data.aws_arn.log_group_arn[0].account, data.aws_arn.log_group_arn[0].resource) : local.log_group_arn_regional
 
   # Defaulting to "*" (an invalid character for an IAM Role name) will cause an error when

main.tf

@@ -1,8 +1,9 @@
 data "aws_partition" "current" {}
 
 locals {
-  archive_filename    = var.create ? element(concat(data.external.archive_prepare.*.result.filename, [null]), 0) : ""
-  archive_was_missing = element(concat(data.external.archive_prepare.*.result.was_missing, [false]), 0)
+  archive_filename        = try(data.external.archive_prepare[0].result.filename, null)
+  archive_filename_string = local.archive_filename != null ? local.archive_filename : ""
+  archive_was_missing     = try(data.external.archive_prepare[0].result.was_missing, false)
 
   # Use a generated filename to determine when the source code has changed.
   # filename - to get package from local
@@ -11,8 +12,8 @@ locals {
 
   # s3_* - to get package from S3
   s3_bucket         = var.s3_existing_package != null ? lookup(var.s3_existing_package, "bucket", null) : (var.store_on_s3 ? var.s3_bucket : null)
-  s3_key            = var.s3_existing_package != null ? lookup(var.s3_existing_package, "key", null) : (var.store_on_s3 ? var.s3_prefix != null ? format("%s%s", var.s3_prefix, replace(local.archive_filename, "/^.*//", "")) : replace(local.archive_filename, "/^\\.//", "") : null)
-  s3_object_version = var.s3_existing_package != null ? lookup(var.s3_existing_package, "version_id", null) : (var.store_on_s3 ? element(concat(aws_s3_bucket_object.lambda_package.*.version_id, [null]), 0) : null)
+  s3_key            = var.s3_existing_package != null ? lookup(var.s3_existing_package, "key", null) : (var.store_on_s3 ? var.s3_prefix != null ? format("%s%s", var.s3_prefix, replace(local.archive_filename_string, "/^.*//", "")) : replace(local.archive_filename_string, "/^\\.//", "") : null)
+  s3_object_version = var.s3_existing_package != null ? lookup(var.s3_existing_package, "version_id", null) : (var.store_on_s3 ? try(aws_s3_bucket_object.lambda_package[0].version_id, null) : null)
 
 }
 

modules/alias/main.tf

@@ -1,5 +1,5 @@
 locals {
-  version    = element(concat(data.aws_lambda_alias.existing.*.function_version, aws_lambda_alias.with_refresh.*.function_version, aws_lambda_alias.no_refresh.*.function_version, [""]), 0)
+  version    = try(data.aws_lambda_alias.existing[0].function_version, aws_lambda_alias.with_refresh[0].function_version, aws_lambda_alias.no_refresh[0].function_version, "")
   qualifiers = zipmap(["version", "qualified_alias"], [var.create_version_async_event_config ? true : null, var.create_qualified_alias_async_event_config ? true : null])
 }
 

modules/alias/outputs.tf

@@ -1,25 +1,25 @@
 # Lambda Alias
 output "lambda_alias_name" {
   description = "The name of the Lambda Function Alias"
-  value       = element(concat(data.aws_lambda_alias.existing.*.name, aws_lambda_alias.with_refresh.*.name, aws_lambda_alias.no_refresh.*.name, [""]), 0)
+  value       = try(data.aws_lambda_alias.existing[0].name, aws_lambda_alias.with_refresh[0].name, aws_lambda_alias.no_refresh[0].name, "")
 }
 
 output "lambda_alias_arn" {
   description = "The ARN of the Lambda Function Alias"
-  value       = element(concat(data.aws_lambda_alias.existing.*.arn, aws_lambda_alias.with_refresh.*.arn, aws_lambda_alias.no_refresh.*.arn, [""]), 0)
+  value       = try(data.aws_lambda_alias.existing[0].arn, aws_lambda_alias.with_refresh[0].arn, aws_lambda_alias.no_refresh[0].arn, "")
 }
 
 output "lambda_alias_invoke_arn" {
   description = "The ARN to be used for invoking Lambda Function from API Gateway"
-  value       = element(concat(data.aws_lambda_alias.existing.*.invoke_arn, aws_lambda_alias.with_refresh.*.invoke_arn, aws_lambda_alias.no_refresh.*.invoke_arn, [""]), 0)
+  value       = try(data.aws_lambda_alias.existing[0].invoke_arn, aws_lambda_alias.with_refresh[0].invoke_arn, aws_lambda_alias.no_refresh[0].invoke_arn, "")
 }
 
 output "lambda_alias_description" {
   description = "Description of alias"
-  value       = element(concat(data.aws_lambda_alias.existing.*.description, aws_lambda_alias.with_refresh.*.description, aws_lambda_alias.no_refresh.*.description, [""]), 0)
+  value       = try(data.aws_lambda_alias.existing[0].description, aws_lambda_alias.with_refresh[0].description, aws_lambda_alias.no_refresh[0].description, "")
 }
 
 output "lambda_alias_function_version" {
   description = "Lambda function version which the alias uses"
-  value       = element(concat(data.aws_lambda_alias.existing.*.function_version, aws_lambda_alias.with_refresh.*.function_version, aws_lambda_alias.no_refresh.*.function_version, [""]), 0)
+  value       = try(data.aws_lambda_alias.existing[0].function_version, aws_lambda_alias.with_refresh[0].function_version, aws_lambda_alias.no_refresh[0].function_version, "")
 }

modules/deploy/main.tf

@@ -1,10 +1,10 @@
 locals {
   # AWS CodeDeploy can't deploy when CurrentVersion is "$LATEST"
-  qualifier       = element(concat(data.aws_lambda_function.this.*.qualifier, [""]), 0)
+  qualifier       = try(data.aws_lambda_function.this[0].qualifier, "")
   current_version = local.qualifier == "$LATEST" ? 1 : local.qualifier
 
-  app_name              = element(concat(aws_codedeploy_app.this.*.name, [var.app_name]), 0)
-  deployment_group_name = element(concat(aws_codedeploy_deployment_group.this.*.deployment_group_name, [var.deployment_group_name]), 0)
+  app_name              = try(aws_codedeploy_app.this[0].name, var.app_name)
+  deployment_group_name = try(aws_codedeploy_deployment_group.this[0].deployment_group_name, var.deployment_group_name)
 
   appspec = merge({
     version = "0.0"
@@ -140,7 +140,7 @@ resource "aws_codedeploy_deployment_group" "this" {
 
   app_name               = local.app_name
   deployment_group_name  = var.deployment_group_name
-  service_role_arn       = element(concat(aws_iam_role.codedeploy.*.arn, data.aws_iam_role.codedeploy.*.arn, [""]), 0)
+  service_role_arn       = try(aws_iam_role.codedeploy[0].arn, data.aws_iam_role.codedeploy[0].arn, "")
   deployment_config_name = var.deployment_config_name
 
   deployment_style {
@@ -208,7 +208,7 @@ data "aws_iam_policy_document" "assume_role" {
 resource "aws_iam_role_policy_attachment" "codedeploy" {
   count = var.create && var.create_codedeploy_role ? 1 : 0
 
-  role       = element(concat(aws_iam_role.codedeploy.*.id, [""]), 0)
+  role       = try(aws_iam_role.codedeploy[0].id, "")
   policy_arn = "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambda"
 }
 
@@ -237,7 +237,7 @@ resource "aws_iam_policy" "hooks" {
 resource "aws_iam_role_policy_attachment" "hooks" {
   count = var.create && var.create_codedeploy_role && var.attach_hooks_policy && (var.before_allow_traffic_hook_arn != "" || var.after_allow_traffic_hook_arn != "") ? 1 : 0
 
-  role       = element(concat(aws_iam_role.codedeploy.*.id, [""]), 0)
+  role       = try(aws_iam_role.codedeploy[0].id, "")
   policy_arn = aws_iam_policy.hooks[0].arn
 }
 
@@ -265,7 +265,7 @@ resource "aws_iam_policy" "triggers" {
 resource "aws_iam_role_policy_attachment" "triggers" {
   count = var.create && var.create_codedeploy_role && var.attach_triggers_policy ? 1 : 0
 
-  role       = element(concat(aws_iam_role.codedeploy.*.id, [""]), 0)
+  role       = try(aws_iam_role.codedeploy[0].id, "")
   policy_arn = aws_iam_policy.triggers[0].arn
 }
 

modules/deploy/outputs.tf

@@ -10,12 +10,12 @@ output "codedeploy_deployment_group_name" {
 
 output "codedeploy_deployment_group_id" {
   description = "CodeDeploy deployment group id"
-  value       = element(concat(aws_codedeploy_deployment_group.this.*.id, [""]), 0)
+  value       = try(aws_codedeploy_deployment_group.this[0].id, "")
 }
 
 output "codedeploy_iam_role_name" {
   description = "Name of IAM role used by CodeDeploy"
-  value       = element(concat(aws_iam_role.codedeploy.*.name, [""]), 0)
+  value       = try(aws_iam_role.codedeploy[0].name, "")
 }
 
 output "appspec" {
@@ -40,5 +40,5 @@ output "script" {
 
 output "deploy_script" {
   description = "Path to a deployment script"
-  value       = element(concat(local_file.deploy_script.*.filename, [""]), 0)
+  value       = try(local_file.deploy_script[0].filename, "")
 }

outputs.tf

@@ -1,73 +1,73 @@
 # Lambda Function
 output "lambda_function_arn" {
   description = "The ARN of the Lambda Function"
-  value       = element(concat(aws_lambda_function.this.*.arn, [""]), 0)
+  value       = try(aws_lambda_function.this[0].arn, "")
 }
 
 output "lambda_function_invoke_arn" {
   description = "The Invoke ARN of the Lambda Function"
-  value       = element(concat(aws_lambda_function.this.*.invoke_arn, [""]), 0)
+  value       = try(aws_lambda_function.this[0].invoke_arn, "")
 }
 
 output "lambda_function_name" {
   description = "The name of the Lambda Function"
-  value       = element(concat(aws_lambda_function.this.*.function_name, [""]), 0)
+  value       = try(aws_lambda_function.this[0].function_name, "")
 }
 
 output "lambda_function_qualified_arn" {
   description = "The ARN identifying your Lambda Function Version"
-  value       = element(concat(aws_lambda_function.this.*.qualified_arn, [""]), 0)
+  value       = try(aws_lambda_function.this[0].qualified_arn, "")
 }
 
 output "lambda_function_version" {
   description = "Latest published version of Lambda Function"
-  value       = element(concat(aws_lambda_function.this.*.version, [""]), 0)
+  value       = try(aws_lambda_function.this[0].version, "")
 }
 
 output "lambda_function_last_modified" {
   description = "The date Lambda Function resource was last modified"
-  value       = element(concat(aws_lambda_function.this.*.last_modified, [""]), 0)
+  value       = try(aws_lambda_function.this[0].last_modified, "")
 }
 
 output "lambda_function_kms_key_arn" {
   description = "The ARN for the KMS encryption key of Lambda Function"
-  value       = element(concat(aws_lambda_function.this.*.kms_key_arn, [""]), 0)
+  value       = try(aws_lambda_function.this[0].kms_key_arn, "")
 }
 
 output "lambda_function_source_code_hash" {
   description = "Base64-encoded representation of raw SHA-256 sum of the zip file"
-  value       = element(concat(aws_lambda_function.this.*.source_code_hash, [""]), 0)
+  value       = try(aws_lambda_function.this[0].source_code_hash, "")
 }
 
 output "lambda_function_source_code_size" {
   description = "The size in bytes of the function .zip file"
-  value       = element(concat(aws_lambda_function.this.*.source_code_size, [""]), 0)
+  value       = try(aws_lambda_function.this[0].source_code_size, "")
 }
 
 # Lambda Layer
 output "lambda_layer_arn" {
   description = "The ARN of the Lambda Layer with version"
-  value       = element(concat(aws_lambda_layer_version.this.*.arn, [""]), 0)
+  value       = try(aws_lambda_layer_version.this[0].arn, "")
 }
 
 output "lambda_layer_layer_arn" {
   description = "The ARN of the Lambda Layer without version"
-  value       = element(concat(aws_lambda_layer_version.this.*.layer_arn, [""]), 0)
+  value       = try(aws_lambda_layer_version.this[0].layer_arn, "")
 }
 
 output "lambda_layer_created_date" {
   description = "The date Lambda Layer resource was created"
-  value       = element(concat(aws_lambda_layer_version.this.*.created_date, [""]), 0)
+  value       = try(aws_lambda_layer_version.this[0].created_date, "")
 }
 
 output "lambda_layer_source_code_size" {
   description = "The size in bytes of the Lambda Layer .zip file"
-  value       = element(concat(aws_lambda_layer_version.this.*.source_code_size, [""]), 0)
+  value       = try(aws_lambda_layer_version.this[0].source_code_size, "")
 }
 
 output "lambda_layer_version" {
   description = "The Lambda Layer version"
-  value       = element(concat(aws_lambda_layer_version.this.*.version, [""]), 0)
+  value       = try(aws_lambda_layer_version.this[0].version, "")
 }
 
 # Lambda Event Source Mapping
@@ -94,17 +94,17 @@ output "lambda_event_source_mapping_uuid" {
 # IAM Role
 output "lambda_role_arn" {
   description = "The ARN of the IAM role created for the Lambda Function"
-  value       = element(concat(aws_iam_role.lambda.*.arn, [""]), 0)
+  value       = try(aws_iam_role.lambda[0].arn, "")
 }
 
 output "lambda_role_name" {
   description = "The name of the IAM role created for the Lambda Function"
-  value       = element(concat(aws_iam_role.lambda.*.name, [""]), 0)
+  value       = try(aws_iam_role.lambda[0].name, "")
 }
 
 output "lambda_role_unique_id" {
   description = "The unique id of the IAM role created for the Lambda Function"
-  value       = element(concat(aws_iam_role.lambda.*.unique_id, [""]), 0)
+  value       = try(aws_iam_role.lambda[0].unique_id, "")
 }
 
 # CloudWatch Log Group