flosell/iam-policy-json-to-terraform

Feature: rewrite .tf files with embedded policy heredocs

flosell opened this issue · 1 comments

(triggered by #13)

Introduce a new feature that would be able to read in a terraform file that contains JSON in heredoc and replace the occurrances with actual policy documents:

resource "aws_iam_policy" "policy" {
  name        = "test_policy"
  path        = "/"
  description = "My test policy"

  policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "ec2:Describe*"
      ],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}
EOF
}

to

data "aws_iam_policy_document" "policy" {
  statement {
    sid       = ""
    effect    = "Allow"
    resources = ["*"]
    actions   = ["ec2:Describe*"]
  }
}

resource "aws_iam_policy" "policy" {
  name        = "test_policy"
  path        = "/"
  description = "My test policy"

  policy = data.aws_iam_policy_document.policy.json
}

Would be awesome !