Converts AWS IAM policies into Terraform's aws_iam_policy_document format.

Given a JSON IAM policy document on stdin, it will produce an equivalent terraform document on stdout:

$ ruby iam2tf.rb < example.json

It is also available as a docker image:

$ docker run -i aasmith/iam2tf < example.json

data "aws_iam_policy_document" "iam2tf" {

  statement {
    sid    = ""
    effect = "Allow"

    actions = [
      "sts:AssumeRole"
    ]

    principals {
      type = "Service"

      identifiers = [
        "ecs-tasks.amazonaws.com"
      ]
    }

  }

}

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "Service": "ecs-tasks.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

Current status: better than nothing.

for i in test/*.json; do echo $i; ruby iam2tf.rb < $i || break; done

• Improve error handling
• Add command line options to accept multiple files, etc.

• Terraform IAM Policy Document
• IAM Policy Grammar