This module creates IAM policies and policy attachment resources.
- Unified Management: Efficiently manage IAM policies and their attachments within a single module.
Examples available here
NOTE: These examples use the latest version of this module
module "minimum" {
source = "boldlink/iam-policy/aws"
version = "<provide_latest_version_here>"
policy_name = "minimum-policy-example"
description = "IAM policy to grant EC2 describe permissions"
policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
Action = [
"ec2:Describe*",
]
Effect = "Allow"
Resource = "*"
},
]
})
tags = {
environment = "examples"
"user::CostCenter" = "terraform-registry"
}
}Terraform module documentation
| Name | Version |
|---|---|
| terraform | >= 0.14.11 |
| aws | >= 4.15.1 |
| Name | Version |
|---|---|
| aws | 5.21.0 |
No modules.
| Name | Type |
|---|---|
| aws_iam_policy.main | resource |
| aws_iam_policy_attachment.main | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| description | (Optional, Forces new resource) Description of the IAM policy. | string |
null |
no |
| groups | (Optional) - The group(s) the policy should be applied to | list(string) |
[] |
no |
| name_prefix | (Optional, Forces new resource) Creates a unique name beginning with the specified prefix. Conflicts with name. |
string |
null |
no |
| path | (Optional, default /) Path in which to create the policy. |
string |
null |
no |
| policy | (Required) The policy document. This is a JSON formatted string. | string |
n/a | yes |
| policy_attachment_name | (Optional) - The name of the attachment. Required when users, roles or groups are provided. | string |
null |
no |
| policy_name | (Optional, Forces new resource) The name of the policy. If omitted, Terraform will assign a random, unique name. | string |
null |
no |
| roles | (Optional) - The role(s) the policy should be applied to | list(string) |
[] |
no |
| tags | (Optional) Map of resource tags for the IAM Policy. | map(string) |
{} |
no |
| users | (Optional) - The user(s) the policy should be applied to | list(string) |
[] |
no |
| Name | Description |
|---|---|
| aws_policy_id | The ARN assigned by AWS to this policy. |
| policy_arn | The ARN assigned by AWS to this policy. |
| policy_attachment_name | The name of the attachment. |
| policy_description | The description of the policy. |
| policy_document | The policy document. |
| policy_id | The policy's ID. |
| policy_name | The name of the policy. |
| policy_path | The path of the policy in IAM. |
| policy_tags_all | A map of tags assigned to the resource, including those inherited from the provider default_tags |
This repository uses third party software:
- pre-commit - Used to help ensure code and documentation consistency
- Install with
brew install pre-commit - Manually use with
pre-commit run
- Install with
- terraform 0.14.11 For backwards compatibility we are using version 0.14.11 for testing making this the min version tested and without issues with terraform-docs.
- terraform-docs - Used to generate the Inputs and Outputs sections
- Install with
brew install terraform-docs - Manually use via pre-commit
- Install with
- tflint - Used to lint the Terraform code
- Install with
brew install tflint - Manually use via pre-commit
- Install with
The makefile contained in this repo is optimized for linux paths and the main purpose is to execute testing for now.
- Create all tests stacks including any supporting resources:
make tests- Clean all tests except existing supporting resources:
make clean- Clean supporting resources - this is done separately so you can test your module build/modify/destroy independently.
make cleansupporting- !!!DANGER!!! Clean the state files from examples and test/supportingResources - use with CAUTION!!!
make cleanstatefiles
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent