如何定义包含嵌套块的Terraform局部变量?

下面是使用Zscaler的ZPA Terraform提供程序访问策略资源的示例。我的问题是，我如何定义这三个条件作为一个局部变量，可以用作动态块与for_each?我需要在数十个/数百个访问策略资源中包含这些相同的条件块，如果我不需要复制/粘贴整个代码段就好了。

resource "zpa_policy_access_rule" "policy-name" {
name             = "policy-name"
description      = "description"
action           = "ALLOW"
default_rule     = false
lss_default_rule = false
operator         = "AND"    
conditions {
negated  = false
operator = "OR"
operands {
object_type = "POSTURE"
lhs         = data.zpa_posture_profile.lvl_1_check_1.posture_udid
rhs         = true
}
operands {
object_type = "POSTURE"
lhs         = data.zpa_posture_profile.lvl_1_check_2.posture_udid
rhs         = true
}
operands {
object_type = "POSTURE"
lhs         = data.zpa_posture_profile.lvl_1_check_3.posture_udid
rhs         = true
}
}
conditions {
negated  = false
operator = "OR"
operands {
object_type = "POSTURE"
lhs         = data.zpa_posture_profile.lvl_2_check_1.posture_udid
rhs         = true
}
operands {
object_type = "POSTURE"
lhs         = data.zpa_posture_profile.lvl_2_check_2.posture_udid
rhs         = true
}
}
conditions {
negated  = false
operator = "AND"
operands {
object_type = "POSTURE"
lhs         = data.zpa_posture_profile.lvl_3_check_1.posture_udid
rhs         = true
}
operands {
object_type = "POSTURE"
lhs         = data.zpa_posture_profile.lvl_3_check_2.posture_udid
rhs         = true
}
}
}

我弄清楚了如何为"操作数"创建局部变量。包含在"条件"中。块，例如:

locals {
LEVEL_1_CHECKS = [
{
object_type = "POSTURE"
rhs = true
lhs = data.zpa_posture_profile.lvl_1_check_1.posture_udid
},
{
object_type = "POSTURE"
rhs = true
lhs = data.zpa_posture_profile.lvl_1_check_2.posture_udid
},
{
object_type = "POSTURE"
rhs = true
lhs = data.zpa_posture_profile.lvl_1_check_3.posture_udid
}
]
LEVEL_2_CHECKS = [
{
object_type = "POSTURE"
rhs = true
lhs = data.zpa_posture_profile.lvl_2_check_1.posture_udid
},
{
object_type = "POSTURE"
rhs = true
lhs = data.zpa_posture_profile.lvl_2_check_2.posture_udid
}
]
LEVEL_3_CHECKS = [
{
object_type = "POSTURE"
rhs = true
lhs = data.zpa_posture_profile.lvl_3_check_1.posture_udid
},
{
object_type = "POSTURE"
rhs = true
lhs = data.zpa_posture_profile.lvl_3_check_2.posture_udid
}
]
}

然而，在创建新的策略资源时，我仍然被大量重复的代码所困扰:

resource "zpa_policy_access_rule" "policy-name" {
name             = "policy-name"
description      = "description"
action           = "ALLOW"
default_rule     = false
lss_default_rule = false
operator         = "AND"    
conditions {
negated  = false
operator = "OR"
dynamic "operands" {
for_each = local.LEVEL_1_CHECKS
content {
object_type = operands.value.object_type
rhs = operands.value.rhs
lhs = operands.value.lhs
}
}
}
conditions {
negated  = false
operator = "AND"
dynamic "operands" {
for_each = local.LEVEL_2_CHECKS
content {
object_type = operands.value.object_type
rhs = operands.value.rhs
lhs = operands.value.lhs
}
}
}
conditions {
negated  = false
operator = "OR"
dynamic "operands" {
for_each = local.LEVEL_3_CHECKS
content {
object_type = operands.value.object_type
rhs = operands.value.rhs
lhs = operands.value.lhs
}
}
}
}

如何定义所有的"条件"?使用本地代码的块?它们永远不会改变，所以我假设这应该是一个简单的任务，但现在我将不得不复制/粘贴50多行到每个新资源中来定义这些项。

这是使用Zscaler ZPA Terraform提供程序:https://registry.terraform.io/providers/zscaler/zpa/latest