terraform.aws-baseline-infra/modules/security_identity_compliance/iam-group/main.tf

resource "aws_iam_group" "iam-group" {
  name  = var.iam-group-name
}

resource "aws_iam_group_policy" "iam-group-policy-new-group" {
  count  = var.iam-group-policy != "" ? 1 : 0
  name   = var.iam-group-policy-name
  group  = aws_iam_group.iam-group.name
  policy = var.iam-group-policy
}

resource "aws_iam_group_policy_attachment" "iam-group-managed-policies" {
  count      = length(var.managed-policy-arns) > 0 ? 1 : 0
  group      = aws_iam_group.iam-group.name
  policy_arn = var.managed-policy-arns[count.index]
}