output "role_arn" {
  type  = string
  value = var.create_role ? aws_iam_role.this.arn : null
}

output "policy_arn" {
  type  = string
  value = var.create_policy ? aws_iam_policy.this.arn : null
}