ignore assume_role_policy that is not a string

stelligent · Mar 16, 2018 · cdb83c0 · cdb83c0
1 parent d648986
commit cdb83c0
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 6 deletions.
diff --git a/cli/terraform.go b/cli/terraform.go
@@ -17,13 +17,14 @@ func parsePolicy(resource assertion.Resource, attribute string) assertion.Resour
 	if resource.Properties != nil {
 		properties := resource.Properties.(map[string]interface{})
 		if policyAttribute, hasPolicyString := properties[attribute]; hasPolicyString {
-			policyString := policyAttribute.(string)
-			var policy interface{}
-			err := json.Unmarshal([]byte(policyString), &policy)
-			if err != nil {
-				panic(err)
+			if policyString, ok := policyAttribute.(string); ok {
+				var policy interface{}
+				err := json.Unmarshal([]byte(policyString), &policy)
+				if err != nil {
+					panic(err)
+				}
+				properties[attribute] = policy
 			}
-			properties[attribute] = policy
 		}
 	}
 	return resource

diff --git a/example-files/config/roles.tf b/example-files/config/roles.tf
@@ -16,3 +16,8 @@ resource "aws_iam_role" "test_role" {
 }
 EOF
 }
+
+resource "aws_iam_role" "test_role_with_invalid_policy" {
+    name = "role1"
+    assume_role_policy = [ "foo" ]
+}