resource "aws_iam_user" "ecr-user" {
  name = "ecr-user"
  path = "/system/"
  tags = {
    Environment = "${var.environment}"
    Service     = "${var.service}"
  }
}

resource "aws_iam_user_policy" "ecr-user-policy" {
  name = "ecr-user-policy"
  user = aws_iam_user.ecr-user.name

  # AWS profile 계정에 생성되어 있는 모든 ECR 리소스에 ecr 관련 모든 액션을 수행할 권한이 있음.
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = [
          "ecr:*",
        ]
        Effect   = "Allow"
        Resource = "*"
      },
    ]
  })
}

resource "aws_iam_access_key" "ecr-user-access-key" {
  user = aws_iam_user.ecr-user.name
}
	resource "aws_iam_user" "ecr-user" {
	name = "ecr-user"
	path = "/system/"
	tags = {
	Environment = "${var.environment}"
	Service = "${var.service}"
	}
	}

	resource "aws_iam_user_policy" "ecr-user-policy" {
	name = "ecr-user-policy"
	user = aws_iam_user.ecr-user.name

	# AWS profile 계정에 생성되어 있는 모든 ECR 리소스에 ecr 관련 모든 액션을 수행할 권한이 있음.
	policy = jsonencode({
	Version = "2012-10-17"
	Statement = [
	{
	Action = [
	"ecr:*",
	]
	Effect = "Allow"
	Resource = "*"
	},
	]
	})
	}

	resource "aws_iam_access_key" "ecr-user-access-key" {
	user = aws_iam_user.ecr-user.name
	}