flosell / iam-policy-json-to-terraform

Small tool to convert an IAM Policy in JSON format into a Terraform aws_iam_policy_document
https://flosell.github.io/iam-policy-json-to-terraform/
Apache License 2.0
774 stars 58 forks

Feature: rewrite .tf files with embedded policy heredocs #15

Open flosell opened 4 years ago

flosell commented 4 years ago

(triggered by #13)

Introduce a new feature that would be able to read in a terraform file that contains JSON in heredoc and replace the occurrences with actual policy documents:

resource "aws_iam_policy" "policy" {
  name        = "test_policy"
  path        = "/"
  description = "My test policy"

  policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "ec2:Describe*"
      ],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}
EOF
}

to

data "aws_iam_policy_document" "policy" {
  statement {
    sid       = ""
    effect    = "Allow"
    resources = ["*"]
    actions   = ["ec2:Describe*"]
  }
}

resource "aws_iam_policy" "policy" {
  name        = "test_policy"
  path        = "/"
  description = "My test policy"

  policy = data.aws_iam_policy_document.policy.json
}

feraudet commented 4 years ago

Would be awesome!
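The rewrite requested in the issue, as an added example that is not part of the issue or of the project's code: `RewriteHeredocs`, `heredocRe`, `hcl` and `sample` are hypothetical names, and the heredoc marker is assumed to be `EOF`. A policy that uses any key other than Sid, Effect, Action and Resource (Condition, Principal, NotAction and so on) is left as a heredoc and reported, because dropping such a key during conversion would silently broaden the policy.

```go
package main

import (
	"encoding/json"
	"fmt"
	"regexp"
	"strings"
)

// Assumed shape: heredoc marker is EOF and no "}" precedes the policy attribute.
var heredocRe = regexp.MustCompile(`(?s)(resource\s+"[^"]+"\s+"([^"]+)"\s*\{[^}]*?policy\s*=\s*)<<-?EOF\n(.*?)\n\s*EOF`)

// sample is constructed input: the issue's resource with the policy JSON on one line.
const sample = `resource "aws_iam_policy" "policy" {` + "\n  policy = <<EOF\n" + `{"Version": "2012-10-17", "Statement": [{"Action": ["ec2:Describe*"], "Effect": "Allow", "Resource": "*"}]}` + "\nEOF\n}\n"

type policy struct {
	Version   string
	Statement []struct{ Sid, Effect string; Action, Resource interface{} }
}

func hcl(v interface{}) string { // IAM JSON allows "x" or ["x", "y"]; emit a list either way
	if s, ok := v.(string); ok {
		v = []string{s}
	}
	b, _ := json.Marshal(v)
	return string(b)
}

// RewriteHeredocs converts each policy heredoc; one it cannot convert stays untouched and sets the error.
func RewriteHeredocs(tf string) (string, error) {
	var err error
	out := heredocRe.ReplaceAllStringFunc(tf, func(m string) string {
		g := heredocRe.FindStringSubmatch(m) // g[1] text up to "<<", g[2] resource name, g[3] JSON
		var p policy
		dec := json.NewDecoder(strings.NewReader(g[3]))
		dec.DisallowUnknownFields() // refuse unsupported keys instead of dropping them
		if e := dec.Decode(&p); e != nil {
			err = fmt.Errorf("resource %q left as heredoc: %w", g[2], e)
			return m
		}
		b := fmt.Sprintf("data \"aws_iam_policy_document\" %q {\n", g[2])
		for _, s := range p.Statement {
			b += fmt.Sprintf("  statement {\n    sid       = %q\n    effect    = %q\n    resources = %s\n    actions   = %s\n  }\n", s.Sid, s.Effect, hcl(s.Resource), hcl(s.Action))
		}
		return b + "}\n\n" + g[1] + "data.aws_iam_policy_document." + g[2] + ".json"
	})
	return out, err
}

func main() { fmt.Println(RewriteHeredocs(sample)) }
```

Running `terraform plan` after such a rewrite should show no change to the policy resource; any diff means the generated document does not match the original JSON.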