Randal
Reputation: 431
terraform module - how to put policy in a variable
I have this snipit of code im using as my module.
What I am wondering is how can I make the policy
resource "aws_iam_role_policy" "role" {
name = var.name
role = var.role
policy = file("${path.module}/mypolicy.json")
}
here is my code I create my TF from:
module "aws_iam_role_policy" {
source = "../modules/mypolicypolicy/"
name = "mypolicy"
role = module.myrole.myroleout
}
What i want to know is the best way to reference 'policy' in my module, and the code I run to actually create the policy based off my module. I do not want to hard code the actual json in my module. How can I make this more reusable for later use for other policies?
Upvotes: 0
Views: 1173
Answers (1)
Marcin
Reputation: 239000
What about passing the path to policy as a variable to your module?
In module:
variable "iam_policy_path" {
default = "./mypolicy.json"
}
resource "aws_iam_role_policy" "role" {
name = var.name
role = var.role
policy = file(var.iam_policy_path)
}
And then in the parent module you just provide new path if needed?
module "aws_iam_role_policy" {
source = "../modules/mypolicypolicy/"
name = "mypolicy"
role = module.myrole.myroleout
iam_policy_path = "new_policy_path.json"
}
Upvotes: 2
Related Questions
- Create parameterized resource policy on terraform
- Reference terraform resource by variable
- Pass variables into Terraform IAM Policy Document
- Terraform use each.value.policy_name in data to retrieve specific policy dynamically
- How can I update json returned by terraform created policy?
- how to use IAM policy variables in terraform code
- How to dynamically attach a resource to an inline policy using Terraform?
- terraform .12 - add multiple inline policies
- How to insert a variable inside an AWS policy in terraform
- Terraform - Each statement in the policy should have exactly one resource