Improve Overwrought Variable Structure
Closed this issue · 0 comments
ClusterDaemon commented
This issue departs from the traditional structure, and is a commentary on design.
This module should not seek to only create resources iteratively, but rather should expose the types/resources that this root module wraps via submodules.
At least the user and group competencies should get their own modules for a few reasons (and probably more):
- iterative resource creation does not need to be handled for anything other than encrypted objects, policy attachments, and access keys. This makes multiple for_each statements less complex and improves overall readability significantly.
- Calling submodules via for_each at the root will produce better errors during validation, as validation rules can be associated directly with individual submodule variables rather than a singular top-level variable.
- Module developers can opt out of the module-of-many pattern and its accompanying structure by specifying a submodule directory via the
source
argument. Dependencies between users and groups become the responsibility of the developer.