Skip to content

Instantly share code, notes, and snippets.

@choisungwook

choisungwook/iam.tf

Created October 1, 2023 15:23
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save choisungwook/365bde1d9d2ffc0f8703de4e9a6bece2 to your computer and use it in GitHub Desktop.
Save choisungwook/365bde1d9d2ffc0f8703de4e9a6bece2 to your computer and use it in GitHub Desktop.
Download ZIP
terraform_AmazonSSMManagedInstanceCore
Raw
iam.tf
data "aws_iam_policy_document" "ec2_assume_role" {
statement {
actions = ["sts:AssumeRole"]
principals {
type = "Service"
identifiers = ["ec2.amazonaws.com"]
}
}
}
data "aws_iam_policy" "systems_manager" {
arn = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
}
resource "aws_iam_instance_profile" "ssm" {
name = "terraform-dvwa-ssm-instanceprofile"
role = aws_iam_role.ssm.name
}
resource "aws_iam_role" "ssm" {
name = "terraform-dvwa-ssm-iamrole"
assume_role_policy = data.aws_iam_policy_document.ec2_assume_role.json
}
resource "aws_iam_role_policy_attachment" "ssm" {
role = aws_iam_role.ssm.name
policy_arn = data.aws_iam_policy.systems_manager.arn
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment