From c191ae3cd1e17e43229239448904b72a8a83a180 Mon Sep 17 00:00:00 2001
From: Vijay Veeranki <vijay.veeranki@digital.justice.gov.uk>
Date: Tue, 28 Jun 2022 12:12:00 +0100
Subject: [PATCH] This is to fix the error when no prinicpal

Fix below error:
MalformedPolicyDocumentException:
Policy contains a statement with no principal
---
 main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/main.tf b/main.tf
index 3e48c5f..e14a785 100644
--- a/main.tf
+++ b/main.tf
@@ -81,7 +81,7 @@ resource "aws_kms_key" "kms" {
         Sid    = "Allow cross-account use of the key"
         Effect = "Allow"
         Principal = {
-          AWS = var.kms_external_access
+          AWS = length(var.kms_external_access) >=1 ? var.kms_external_access : ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
         },
         Action = [
           "kms:GenerateDataKey*",