sairamkrish · February 18, 2022 20:33
diff --git a/json_encode_benefit.tf b/json_encode_benefit.tf
 # Not good
 resource "aws_iam_policy" "secrets_policy" {
    name = "some_name"
    policy = <<EOF
  {
      "Version": "2012-10-17",
      "Statement": [
          {
              "Action": "secretsmanager:GetSecretValue",
              "Effect": "Allow".          # syntax error - dot instead of comma
              "Resource": [
                "${aws_secretsmanager_secret.my_secrets.arn}"
              ]
          }
      ]
  }
  EOF
 }

 # Better option - using jsonencode
 resource "aws_iam_policy" "secrets_policy" {
    name = "some_name"
    policy = jsonencode({

      "Version": "2012-10-17",
      "Statement": [
          {
              "Action": "secretsmanager:GetSecretValue",
              "Effect": "Allow".      # syntax error - dot instead of comma
              "Resource": [
                "${aws_secretsmanager_secret.my_secrets.arn}"
              ]
          }
      ]
  })
 }
	# Not good
	resource "aws_iam_policy" "secrets_policy" {
	name = "some_name"
	policy = <<EOF
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Action": "secretsmanager:GetSecretValue",
	"Effect": "Allow". # syntax error - dot instead of comma
	"Resource": [
	"${aws_secretsmanager_secret.my_secrets.arn}"
	]
	}
	]
	}
	EOF
	}

	# Better option - using jsonencode
	resource "aws_iam_policy" "secrets_policy" {
	name = "some_name"
	policy = jsonencode({

	"Version": "2012-10-17",
	"Statement": [
	{
	"Action": "secretsmanager:GetSecretValue",
	"Effect": "Allow". # syntax error - dot instead of comma
	"Resource": [
	"${aws_secretsmanager_secret.my_secrets.arn}"
	]
	}
	]
	})
	}