avx-pmarie-aws-infra/modules/aws-iam/role.tf

locals {
  iam_roles = { for name, role in var.iam_roles : name => merge(var.default_iam_role, role) }
}

resource "aws_iam_role" "self" {
  for_each             = local.iam_roles
  name                 = each.key
  assume_role_policy   = jsonencode(each.value.assume_role_policy)
  permissions_boundary = each.value.permissions_boundary
}

resource "aws_iam_role_policy" "self" {
  for_each   = { for role, role_config in local.iam_roles : role => role_config if length(role_config.policy) > 0 }
  name       = each.key
  role       = each.key
  policy     = jsonencode(each.value.policy)
  depends_on = [aws_iam_role.self]
}
Initial commit. 2022-07-01 14:12:11 +02:00			`locals {`
			`iam_roles = { for name, role in var.iam_roles : name => merge(var.default_iam_role, role) }`
			`}`

			`resource "aws_iam_role" "self" {`
			`for_each = local.iam_roles`
			`name = each.key`
			`assume_role_policy = jsonencode(each.value.assume_role_policy)`
			`permissions_boundary = each.value.permissions_boundary`
			`}`

			`resource "aws_iam_role_policy" "self" {`
			`for_each = { for role, role_config in local.iam_roles : role => role_config if length(role_config.policy) > 0 }`
			`name = each.key`
			`role = each.key`
			`policy = jsonencode(each.value.policy)`
			`depends_on = [aws_iam_role.self]`
			`}`