fixed deprecated issue

Warning: Argument is deprecated
│
│   with module.sra_execution_role.aws_iam_role.sra_execution_role,
│   on sra_execution_role/main.tf line 21, in resource "aws_iam_role" "sra_execution_role":
│   21:   managed_policy_arns = [
│   22:     "arn:${var.aws_partition}:iam::aws:policy/AdministratorAccess"
│   23:   ]
│
│ managed_policy_arns is deprecated. Use the aws_iam_role_policy_attachment resource instead. If Terraform should exclusively manage all managed policy attachments (the current behavior of this argument), use the aws_iam_role_policy_attachments_exclusive resource as well.
╵

Author: nictom-aws

aws_sra_examples/terraform/common/sra_execution_role/main.tf

@@ -13,16 +13,17 @@ resource "aws_iam_role" "sra_execution_role" {
       Action = "sts:AssumeRole",
       Effect = "Allow",
       Principal = {
-        AWS = "arn:${var.aws_partition}:iam::${var.management_account_id}:root"
+        AWS = format("arn:%s:iam::%s:root", var.aws_partition, var.management_account_id)
       }
     }]
   })
 
-  managed_policy_arns = [
-    "arn:${var.aws_partition}:iam::aws:policy/AdministratorAccess"
-  ]
-
   tags = {
     "sra-solution" = var.solution_name
   }
+}
+
+resource "aws_iam_role_policy_attachment" "sra_execution_role_admin_policy" {
+  role       = aws_iam_role.sra_execution_role.name
+  policy_arn = format("arn:%s:iam::aws:policy/AdministratorAccess", var.aws_partition)
 }