Complex Terraform Variables

Hi, I maintain a terraform module that creates a lambda fn along with a bunch of related stuff like policies, roles, event source mappings, etc. I’ve been trying to migrate/rebuild it as a cdktf module written in typescript. It went pretty well to begin with, but now I’ve crashed into an issue I can’t find a way around.

One of the variables for the module is for additional policies to apply to the created role, it looks like this in hcl:

variable "policies" {
  description = "List of objects defining IAM policy statements"
  type = list(object({
    Action   = list(string)
    Resource = list(string)
    Effect   = string
  }))
  default = []
}

In the hcl code for the module I’m creating log groups etc, and then I concat the policies variable with a list that gets created in my module containing the policies for accessing logs etc. I ended up having to add overrides for the variables since the TerraformVariable class only supports simple types, which is fine. My problem is that I cannot find any way to concat the policies variable with my list of policies from within the module that doesn’t end up with some variation on Cannot add elements to list token. The Fn.concat method is implemented as if it only works with lists of strings, so I cant get that to work. I cant combine the lists within typescript as I just get errors saying I need to pluck elements from the list using Fn.element(list, i) instead of list[I]. I’m not actually writing list[i] anywhere but I guess thats what its getting somehow transpiled to when I try to do something like [...oneList, ...otherList] or oneList.push(...otherList).

What am I missing? Surely it can’t be the case that something as trivial as combining 2 lists of objects is impossible when one of those lists is passed to the module as an argument?

You may be able to combine Token.asList with Fn.concat. (as list will get a string that points back to the real list)