
@nabarunchatterjee
Created March 8, 2018 14:13
Trust relationship role
# Trust (assume-role) policy document: the only principal allowed to call
# sts:AssumeRole is the EC2 service, so the role that uses this document is
# meant to be picked up by EC2 rather than by users or other accounts.
data "aws_iam_policy_document" "latest-random-assume-role-policy-document" {
  statement {
    effect  = "Allow" # the data source's default, spelled out for reviewers
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}
# Permissions policy document rendered to JSON for the managed policy below
# the data sources. Every statement applies to all resources ("*").
#
# NOTE(review): this is far from least privilege. The second statement grants
# full control of EC2, ECS, ELB, RDS, OpsWorks, Route 53 and S3 account-wide.
# NOTE(review): iam:PassRole on "*" combined with ec2:* / ecs:* means any
# workload holding this role can attach a more privileged role to a new
# instance or task. Scope PassRole to the specific role ARNs that are needed
# and consider an iam:PassedToService condition.
data "aws_iam_policy_document" "latest-random-policy-document" {
  # Read-only S3 access. NOTE(review): already covered by "s3:*" in the next
  # statement, so one of the two grants is redundant - confirm which is intended.
  statement {
    effect = "Allow"

    actions = [
      "s3:Get*",
      "s3:List*",
    ]

    resources = ["*"]
  }

  # Service-wide administrative actions plus role passing.
  statement {
    effect = "Allow"

    actions = [
      "ec2:*",
      "iam:PassRole",
      "cloudwatch:GetMetricStatistics",
      "cloudwatch:DescribeAlarms",
      "ecs:*",
      "elasticloadbalancing:*",
      "rds:*",
      "opsworks:*",
      "route53:*",
      "s3:*",
    ]

    resources = ["*"]
  }
}
# Customer-managed IAM policy built from the JSON of the
# "latest-random-policy-document" data source, created under the
# "/terraform/" IAM path.
# NOTE(review): the policy inherits every wildcard grant in that document;
# anything this policy is attached to receives all of them.
resource "aws_iam_policy" "latest-random-policy" {
  name   = "latest-random-policy"
  path   = "/terraform/"
  policy = "${data.aws_iam_policy_document.latest-random-policy-document.json}"
}
# IAM role whose trust relationship comes from the
# "latest-random-assume-role-policy-document" data source, i.e. it can be
# assumed by the EC2 service principal only.
# NOTE(review): no aws_iam_instance_profile is defined on this page; one is
# needed before an instance can use the role - presumably declared elsewhere.
resource "aws_iam_role" "latest-random-role" {
  name               = "latest-random-role"
  assume_role_policy = "${data.aws_iam_policy_document.latest-random-assume-role-policy-document.json}"
}
# Binds the managed policy "latest-random-policy" to the role
# "latest-random-role". After this attachment, credentials issued for the
# role carry every permission in that policy.
resource "aws_iam_role_policy_attachment" "latest-random-attachment" {
  role       = "${aws_iam_role.latest-random-role.name}"
  policy_arn = "${aws_iam_policy.latest-random-policy.arn}"
}