https://stackoverflow.com/questions/45002292/terraform-correct-way-to-attach-aws-managed-policies-to-a-role
@IkarPohorský it makes no difference to your infrastructure, but it does make a difference to tools that are built on top of terraform. If you create a data object, the dependency is tracked in terraform alongside all of your other resources. Internally, terraform is building a graph of your infrastructure. You can dump this graph with
terraform graph
. You'll see the data object in the output if it's tracked as a data dependency, but not if you hard code a string. If you have GraphViz installed, visualize it with
terraform graph | dot -Tsvg > graph.svg
.
– jorelli