Last active
November 17, 2020 10:26
-
-
Save shiftie/5bed313a9a7ddc9fa62dd85b80fb04c7 to your computer and use it in GitHub Desktop.
Terraform IAM policies combine
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
locals { | |
policies = [ | |
# policies to combine in JSON | |
# might be: | |
# - data.aws_iam_policy.some-policy.policy | |
# - aws_iam_policy.some-policy.policy | |
# - file("some-policy.json") | |
# - templatefile("some-policy.json.tpl", {}) | |
# - aws_iam_policy_document.some-policy.json | |
aws_iam_policy.policy1.policy, | |
templatefile("${path.module}/policies/some-policy.json.tpl", { | |
aws_region = var.aws_region | |
account_id = var.account_id | |
}) | |
] | |
combined = jsonencode({ | |
Statement = flatten(concat([ | |
for rules in [ | |
for policy in local.policies : | |
jsondecode(policy).Statement | |
] : | |
rules | |
])) | |
Version = "2012-10-17" | |
}) | |
} | |
# Usage | |
resource "aws_iam_policy" "example" { | |
name = "my-policy" | |
policy = local.combined | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment