我想知道是否有一种简单的方法来添加多个 json 文件策略
mypolicy1.json, mypolicy2.json, mypolicy3.json
到目前为止,这是我的代码..非常适合一项政策
variable "iam_policy_path" {
default = "./mypolicy.json"
}
resource "aws_iam_role_policy" "role" {
name = var.name
role = var.role
policy = file(var.iam_policy_path)
}
module "aws_iam_role_policy" {
source = "../modules/mypolicypolicy/"
name = "mypolicy"
role = module.myrole.myroleout
iam_policy_path = "new_policy_path.json"
}
最佳答案
一种方法是使用 for_each并使您的 iam_policy_path 成为路径列表。
例如:
variable "iam_policy_path" {
default = ["./mypolicy.json", "./mypolicy2.json"]
}
resource "aws_iam_role_policy" "role" {
for_each = toset(var.iam_policy_path) # for each requires set.
name = var.name
role = var.role
policy = file(each.key)
}
然后在使用该模块时:
module "aws_iam_role_policy" {
source = "../modules/mypolicypolicy/"
name = "mypolicy"
role = module.myrole.myroleout
iam_policy_path = ["new_policy_path.json", "new_policy_path2.json"]
}
基于额外信息。完整的解决方案可能还需要使用 aws_iam_role_policy_attachment它将托管策略附加到角色。
关于amazon-web-services - terraform .12 - 添加多个内联策略,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/63222069/