How to pass a dynamic policy to a module

H.S · November 20, 2023, 9:29am

I created a module for Rest api that needs a different role dependens on the specification.

Currently I hardcoded a policy and allow sts:AssumeRole using this code:

data "aws_iam_policy_document" "lambda_role" {
    statement {
      actions = ["sts:AssumeRole"]
      principals {
        type        = "Service"
        identifiers = ["lambda.amazonaws.com"]
      }
      effect = "Allow"
    }
  }

  resource "aws_iam_role" "lambda_function_role" {
    name = "${var.lambda_function_name}_role"

    assume_role_policy = data.aws_iam_policy_document.lambda_role.json
  }

and in main.tf:



  module "myModule" {
    source                   = "../../modules/api"
    lambda_function_name = "products"
  }

I’m looking for passing a dynamic policy config to the module without hardcoding. Is there any possibility to pass a dynamic policy config as a variable to a module with Terraform?

jamiekt · May 1, 2024, 8:19am

I have the same question. Did you ever figure this out?

UPDATE, I’ve asked a similar question here: How do I pass a configuration block to a variable?

Topic		Replies	Views
How do I pass a configuration block to a variable? Terraform	9	828	October 30, 2024
How to use a Resource created in another module? Terraform	5	17941	December 21, 2020
How do I pass in a variable of list(map(string \|\| list(string))) Terraform	2	1276	December 1, 2019
Issue with Dynamic Blocks in Terraform Configuration Terraform	0	608	December 10, 2023
Aws_lambda_permission conditions Terraform	5	2933	October 14, 2020

How to pass a dynamic policy to a module

Related topics