Randal
Randal

Reputation: 431

terraform module - how to put policy in a variable

I have this snipit of code im using as my module.

What I am wondering is how can I make the policy

resource "aws_iam_role_policy" "role" {
  name   = var.name
  role   = var.role
  policy = file("${path.module}/mypolicy.json")
}

here is my code I create my TF from:

module "aws_iam_role_policy" {
   source = "../modules/mypolicypolicy/"
   name = "mypolicy"
   role = module.myrole.myroleout
}

What i want to know is the best way to reference 'policy' in my module, and the code I run to actually create the policy based off my module. I do not want to hard code the actual json in my module. How can I make this more reusable for later use for other policies?

Upvotes: 0

Views: 1173

Answers (1)

Marcin
Marcin

Reputation: 239000

What about passing the path to policy as a variable to your module?

In module:

variable "iam_policy_path" {
  default = "./mypolicy.json"  
}

resource "aws_iam_role_policy" "role" {
  name   = var.name
  role   = var.role
  policy = file(var.iam_policy_path)
}

And then in the parent module you just provide new path if needed?

module "aws_iam_role_policy" {
   source = "../modules/mypolicypolicy/"
   name = "mypolicy"
   role = module.myrole.myroleout
   iam_policy_path = "new_policy_path.json"
}

Upvotes: 2

Related Questions