Today I Learned

Generating AWS policies in Terraform

Imagine that you have the following policy defined:

resource "aws_iam_user_policy" "circleci" {
  # ...
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        Action = [
          "s3:PutObject"
        ]
        Resource = [
          "${var.ireland_bucket_arn}/*",
          "${var.mumbai_bucket_arn}/*",
        ]
      }
    ]
  })
}

With recent Terraform (>= v0.12.x) you can rewrite this as a for expression that maps each value accordingly:

        Resource = [
          for arn in var.deployment_bucket_arns :
          "${arn}/*"
        ]

Now you only need to provide a single variable to your module, containing a list of ARNs.
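
One way to declare that variable so that a bad entry cannot widen the generated policy, as an added example that is not part of the original post. It assumes Terraform 0.13 or later (for `validation` blocks) and the standard `aws` partition; the local name `circleci_policy_json` is hypothetical.

```hcl
# Added example. Only var.deployment_bucket_arns comes from the post;
# every other name here is hypothetical.
variable "deployment_bucket_arns" {
  description = "ARNs of the S3 buckets the CI user may upload to (bucket ARNs only, no object path)."
  type        = list(string)

  validation {
    # An empty list would produce a statement with no resources at all.
    condition     = length(var.deployment_bucket_arns) > 0
    error_message = "Provide at least one bucket ARN."
  }

  validation {
    # Each entry must be a plain bucket ARN. A wildcard such as
    # "arn:aws:s3:::*" would turn "${arn}/*" into PutObject on every bucket,
    # and an entry that already ends in "/*" would yield a malformed resource.
    # Assumption: standard "aws" partition and 3-63 character bucket names.
    condition = length([
      for arn in var.deployment_bucket_arns : arn
      if !can(regex("^arn:aws:s3:::[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$", arn))
    ]) == 0
    error_message = "Each entry must be an S3 bucket ARN such as arn:aws:s3:::example-bucket, without wildcards or an object path."
  }
}

locals {
  # Same policy as in the post, built from the validated list.
  circleci_policy_json = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect   = "Allow"
        Action   = ["s3:PutObject"]
        Resource = [for arn in var.deployment_bucket_arns : "${arn}/*"]
      }
    ]
  })
}

# The caller then passes one list instead of one variable per bucket, e.g.
#   deployment_bucket_arns = [var.ireland_bucket_arn, var.mumbai_bucket_arn]
```

With this in place, `terraform plan` fails at the variable instead of producing a policy whose `Resource` covers more than the listed buckets.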