change policy attachment

rolesanywhere/role.tf

@@ -26,8 +26,7 @@ resource "aws_iam_role" "role" {
   force_detach_policies = local._defaults["force_detach_policies"]
   max_session_duration  = var.max_session_duration
   assume_role_policy    = data.aws_iam_policy_document.role_anywhere_assume.json
-  managed_policy_arns   = var.managed_policy_arns
-
+  #  managed_policy_arns   = var.managed_policy_arns
 
   tags = merge(
     local.base_tags,
@@ -38,7 +37,7 @@ resource "aws_iam_role" "role" {
 }
 
 resource "aws_iam_role_policy_attachment" "role" {
-  for_each   = toset(var.attached_policies)
+  for_each   = toset(distinct(compact(concat(var.attached_policies, var.managed_policy_arns))))
   role       = aws_iam_role.role.name
   policy_arn = each.value
 }