Policy Layering - YakDriver/fardvag GitHub Wiki

There are two issues with aws_iam_policy_document (in #5047):

  1. statement is required, even though it would sometimes be convenient to use source_json and override_json without one (PR #6052).
  2. It would be handy to use multiple sources and/or overrides.

The focus of this effort is the first issue (item 1 above).

The design for the second issue (item 2 above), which is not currently being worked on, could be something like this: a new data source aws_iam_policy_list with one main attribute (e.g., policy_json_list, and possibly a policy_id attribute). The list of policies would simply be merged in order, so that later policies override earlier ones.
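
The in-order merge described above, as an added Go example that is not the provider's code. It assumes statements are matched by Sid, as override_json does in aws_iam_policy_document, and that Statement is a JSON array; MergePolicies, policyDoc and the sample policies are hypothetical.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// policyDoc keeps statements as generic maps so every field passes through untouched.
type policyDoc struct {
	Version   string                   `json:"Version,omitempty"`
	Statement []map[string]interface{} `json:"Statement"`
}

// MergePolicies (hypothetical) layers policies in list order: a statement with a
// non-empty Sid replaces an earlier one with the same Sid; others are appended.
func MergePolicies(policyJSONList []string) (string, error) {
	merged := policyDoc{Statement: []map[string]interface{}{}}
	index := map[string]int{} // Sid -> position in merged.Statement
	for i, raw := range policyJSONList {
		var doc policyDoc
		if err := json.Unmarshal([]byte(raw), &doc); err != nil {
			return "", fmt.Errorf("policy %d: %w", i, err)
		}
		if doc.Version != "" {
			merged.Version = doc.Version // a later Version wins
		}
		for _, st := range doc.Statement {
			sid, _ := st["Sid"].(string)
			if pos, ok := index[sid]; ok && sid != "" {
				merged.Statement[pos] = st // later layer overrides in place
				continue
			}
			if sid != "" {
				index[sid] = len(merged.Statement)
			}
			merged.Statement = append(merged.Statement, st)
		}
	}
	out, err := json.Marshal(merged)
	return string(out), err
}

func main() {
	// Constructed sample policies: the second layer narrows "S3Access" to read-only.
	base := `{"Version":"2012-10-17","Statement":[{"Sid":"S3Access","Effect":"Allow","Action":"s3:*","Resource":"*"}]}`
	override := `{"Statement":[{"Sid":"S3Access","Effect":"Allow","Action":"s3:GetObject","Resource":"arn:aws:s3:::example-bucket/*"}]}`
	fmt.Println(MergePolicies([]string{base, override}))
}
```

Because the last layer wins, a later policy can broaden a statement as easily as narrow it, so the order of the list is part of what needs review.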

Docs

Issues

  • better AWS policy layering #5047