Terraform：在aws_iam_policy_document中使用条件语句块？

Question

Terraform：在aws_iam_policy_document中使用条件语句块？

22

是否有一种条件性添加 aws_iam_policy_document 中的 statement 块的方法？我正在寻找类似于以下内容：

data "aws_iam_policy_document" "policy" {
  statement {
    sid = "PolicyAlways"

    ...
  }

  if (var.enable_optional_policy) {
    statement {
      sid = "PolicySometimes"

      ...
    }
  }
}

- jbreed

1个回答

网页内容由stack overflow 提供, 点击上面的

可以查看英文原文，
原文链接

- Ben Whaley · Accepted Answer

可以。您可以使用带有布尔值的dynamic块来选择性地包含该块。

data "aws_iam_policy_document" "policy" {
  statement {
    sid = "PolicyAlways"

    ...
  }

  dynamic "statement" {
    # The contents of the list below are arbitrary, but must be of length one. 
    # It is only used to determine whether or not to include this statement.
    for_each = var.enable_optional_policy ? [1] : []

    content {
      sid = "PolicySometimes"
      ...
    }
  }
}