From dd55854fce97a15e9ae390b28bc15ba2ff95891e Mon Sep 17 00:00:00 2001
From: Bryant Biggs <bryantbiggs@gmail.com>
Date: Wed, 13 Jul 2022 17:31:39 -0400
Subject: [PATCH] fix: Correct boolean logic for enabling/disabling key owners
 policy statement

---
 .pre-commit-config.yaml | 2 +-
 main.tf                 | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 4ab192b..727e21c 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.72.2
+    rev: v1.74.1
     hooks:
       - id: terraform_fmt
       - id: terraform_validate
diff --git a/main.tf b/main.tf
index fc03824..7951697 100644
--- a/main.tf
+++ b/main.tf
@@ -68,7 +68,7 @@ data "aws_iam_policy_document" "this" {
 
   # Key owner - all key operations
   dynamic "statement" {
-    for_each = var.enable_default_policy ? [1] : []
+    for_each = length(var.key_owners) > 0 ? [1] : []
 
     content {
       sid       = "KeyOwner"