{ lib, ... }:

let
  inherit (lib) hasSuffix filterAttrs removeSuffix attrNames nameValuePair mapToAttrs;

  policiesFiles = builtins.readDir ./policies;
  rawPolicies = attrNames (filterAttrs (filename: filetype: filetype == "regular" && hasSuffix ".hcl" filename) policiesFiles);
in {
  resource.vault_policy = (mapToAttrs (filename: let
    name = removeSuffix ".hcl" filename;
  in nameValuePair name {
    inherit name;
    policy = builtins.readFile (./policies + "/${filename}");
  }) rawPolicies);
}