terraform .12 - 添加多个内联策略

terraform .12 - add multiple inline policies

我想知道是否有添加多个 json 文件策略的简单方法

mypolicy1.json, mypolicy2.json, mypolicy3.json

截至目前,这是我的代码..非常适合一项政策

variable "iam_policy_path" {
  default = "./mypolicy.json"  
}

resource "aws_iam_role_policy" "role" {
  name   = var.name
  role   = var.role
  policy = file(var.iam_policy_path)
}

module "aws_iam_role_policy" {
   source = "../modules/mypolicypolicy/"
   name = "mypolicy"
   role = module.myrole.myroleout
   iam_policy_path = "new_policy_path.json"
}

一种方法是使用 for_each 并让您的 iam_policy_path 成为路径列表。

例如:

variable "iam_policy_path" {
  default = ["./mypolicy.json", "./mypolicy2.json"]  
}

resource "aws_iam_role_policy" "role" {
  
  for_each = toset(var.iam_policy_path) # for each requires set. 
 
  name   = var.name
  role   = var.role

  policy = file(each.key)
}

那么在使用模块时:

module "aws_iam_role_policy" {
   source = "../modules/mypolicypolicy/"
   name = "mypolicy"
   role = module.myrole.myroleout
   iam_policy_path = ["new_policy_path.json", "new_policy_path2.json"]
}

基于额外信息。完整的解决方案可能还需要使用 aws_iam_role_policy_attachment 将托管策略附加到角色。