From 21b96ccb1da51b591d0f0f2b0bff4231e8d05043 Mon Sep 17 00:00:00 2001
From: Liam MacPherson <liammacpherson1996@gmail.com>
Date: Thu, 14 Mar 2024 11:40:06 +0000
Subject: [PATCH] fix: add count for inline policy and mark policies as
 optional

---
 modules/aws/permission_sets/README.md    | 4 ++--
 modules/aws/permission_sets/main.tf      | 2 ++
 modules/aws/permission_sets/variables.tf | 6 +++---
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/modules/aws/permission_sets/README.md b/modules/aws/permission_sets/README.md
index e618b8e..37a8400 100644
--- a/modules/aws/permission_sets/README.md
+++ b/modules/aws/permission_sets/README.md
@@ -13,8 +13,8 @@ module "permission_sets" {
   name                = <VALUE>
   description         = <VALUE>
   identity_store_arn  = <VALUE>
-  inline_policies     = ARRAY(<INLINE_POLICY>)
-  managed_policies    = ARRAY(<MANAGED_POLICY_NAME>)
+  inline_policies     = OPTIONAL(ARRAY(<INLINE_POLICY>))
+  managed_policies    = OPTIONAL(ARRAY(<MANAGED_POLICY_NAME>))
 }
 ```
 
diff --git a/modules/aws/permission_sets/main.tf b/modules/aws/permission_sets/main.tf
index 3f256bc..e4e50d1 100644
--- a/modules/aws/permission_sets/main.tf
+++ b/modules/aws/permission_sets/main.tf
@@ -26,6 +26,8 @@ data "aws_iam_policy_document" "iam_policy_document" {
 }
 
 resource "aws_ssoadmin_permission_set_inline_policy" "permission_set_inline_policy" {
+  count              = length(var.inline_policies)
+
   inline_policy      = data.aws_iam_policy_document.iam_policy_document.json
   instance_arn       = var.identity_store_arn
   permission_set_arn = aws_ssoadmin_permission_set.identity_store_permission_set.arn
diff --git a/modules/aws/permission_sets/variables.tf b/modules/aws/permission_sets/variables.tf
index 5b77b9e..66fd83f 100644
--- a/modules/aws/permission_sets/variables.tf
+++ b/modules/aws/permission_sets/variables.tf
@@ -25,16 +25,16 @@ variable "identity_store_arn" {
 
 variable "inline_policies" {
   description = "The inline policy to attach to the permission set."
-  type        = list(object({
+  type        = optional(list(object({
     sid       = optional(string)
     actions        = list(string)
     resources = list(string)
-  }))
+  })))
   default = []
 }
 
 variable "managed_policies" {
   description = "The inline policy to attach to the permission set."
-  type        = list(string)
+  type        = optional(list(string))
   default = []
 }