terraform .12 - 添加多个内联策略
terraform .12 - add multiple inline policies
我想知道是否有添加多个 json 文件策略的简单方法
mypolicy1.json,
mypolicy2.json,
mypolicy3.json
截至目前,这是我的代码..非常适合一项政策
variable "iam_policy_path" {
default = "./mypolicy.json"
}
resource "aws_iam_role_policy" "role" {
name = var.name
role = var.role
policy = file(var.iam_policy_path)
}
module "aws_iam_role_policy" {
source = "../modules/mypolicypolicy/"
name = "mypolicy"
role = module.myrole.myroleout
iam_policy_path = "new_policy_path.json"
}
一种方法是使用 for_each 并让您的 iam_policy_path
成为路径列表。
例如:
variable "iam_policy_path" {
default = ["./mypolicy.json", "./mypolicy2.json"]
}
resource "aws_iam_role_policy" "role" {
for_each = toset(var.iam_policy_path) # for each requires set.
name = var.name
role = var.role
policy = file(each.key)
}
那么在使用模块时:
module "aws_iam_role_policy" {
source = "../modules/mypolicypolicy/"
name = "mypolicy"
role = module.myrole.myroleout
iam_policy_path = ["new_policy_path.json", "new_policy_path2.json"]
}
基于额外信息。完整的解决方案可能还需要使用 aws_iam_role_policy_attachment 将托管策略附加到角色。
我想知道是否有添加多个 json 文件策略的简单方法
mypolicy1.json, mypolicy2.json, mypolicy3.json
截至目前,这是我的代码..非常适合一项政策
variable "iam_policy_path" {
default = "./mypolicy.json"
}
resource "aws_iam_role_policy" "role" {
name = var.name
role = var.role
policy = file(var.iam_policy_path)
}
module "aws_iam_role_policy" {
source = "../modules/mypolicypolicy/"
name = "mypolicy"
role = module.myrole.myroleout
iam_policy_path = "new_policy_path.json"
}
一种方法是使用 for_each 并让您的 iam_policy_path
成为路径列表。
例如:
variable "iam_policy_path" {
default = ["./mypolicy.json", "./mypolicy2.json"]
}
resource "aws_iam_role_policy" "role" {
for_each = toset(var.iam_policy_path) # for each requires set.
name = var.name
role = var.role
policy = file(each.key)
}
那么在使用模块时:
module "aws_iam_role_policy" {
source = "../modules/mypolicypolicy/"
name = "mypolicy"
role = module.myrole.myroleout
iam_policy_path = ["new_policy_path.json", "new_policy_path2.json"]
}
基于额外信息。完整的解决方案可能还需要使用 aws_iam_role_policy_attachment 将托管策略附加到角色。