Is there a way to conditionally add statement blocks in aws_iam_policy_document? I'm looking for something like:
data "aws_iam_policy_document" "policy" {
statement {
sid = "PolicyAlways"
...
}
if (var.enable_optional_policy) {
statement {
sid = "PolicySometimes"
...
}
}
}
Yes. You can use a dynamic block with a boolean to optionally include the block.
data "aws_iam_policy_document" "policy" {
statement {
sid = "PolicyAlways"
...
}
dynamic "statement" {
# The contents of the list below are arbitrary, but must be of length one.
# It is only used to determine whether or not to include this statement.
for_each = var.enable_optional_policy ? [1] : []
content {
sid = "PolicySometimes"
...
}
}
}