KyMidd/iam_construction_multiple_statements_policy_doc.tf Secret

## iam_construction_multiple_statements_policy_doc.tf
data "aws_iam_policy_document" "aws_ecr_repository_policy" {
  for_each = toset(local.account_ids)
  statement {
    sid    = "KeyVaultPolicyForAccount${each.value}" #Must be unique in policy, so appending account ID
    effect = "Allow"
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${each.value}:root"]
    }
    actions = [
      "ecr:GetDownloadUrlForLayer",
      "ecr:BatchGetImage",
      "ecr:BatchCheckLayerAvailability",
    ]
  }
}
	data "aws_iam_policy_document" "aws_ecr_repository_policy" {
	for_each = toset(local.account_ids)
	statement {
	sid = "KeyVaultPolicyForAccount${each.value}" #Must be unique in policy, so appending account ID
	effect = "Allow"
	principals {
	type = "AWS"
	identifiers = ["arn:aws:iam::${each.value}:root"]
	}
	actions = [
	"ecr:GetDownloadUrlForLayer",
	"ecr:BatchGetImage",
	"ecr:BatchCheckLayerAvailability",
	]
	}
	}
No results found