Hi,
We use .tf modules to build AWS components. In this particular scenario, we are building S3 buckets and assigning policies.
We want to assign s3 policy based the on the number items in the variable share_principles, if the length of that list is zero, we assign the first two policies from the local bucket_policies and if the list isn’t zero, we want to assign all policies from the local bucket_policies.
Terraform doesn’t like the fact that the lists have different sizes and I’ve tried jsoncode & jsonecode method but that doesn’t work either, I’m not sure how to structure the logic to avoid this issue so any help would be great.
Pseudocode is below, please let me know if you need any other info.
main.tf
module s3_bucket {
source = "path to s3 bucket policy building blocks"
bucket = module.bucketname
policy statements = local.bucket_policy
tag = local.tags
}
var.tf
variable share_principles{
type = list(string)
default = []
description = "cross accounts"
}
locals.tf
bucket_policies [
{s3 policy one goes here},{s3 policy two goes here},{s3 share policy goes here}
]
bucket_policy = length(var.share_principles) > 0 ? "ASSIGN ALL THREE S3 POLICIES" : ASSIGN FIRST TWO POLICIES"