Skip to content

Instantly share code, notes, and snippets.

@echohack
Last active October 26, 2018 21:18
Show Gist options
  • Save echohack/c65bd108b90f8219d540af0ec657deff to your computer and use it in GitHub Desktop.
Save echohack/c65bd108b90f8219d540af0ec657deff to your computer and use it in GitHub Desktop.
resource "aws_iam_role" "my_team" {
name = "${var.aws_iam_role}"
assume_role_policy = <<EOF
{
"Version":"2012-10-17",
"Statement":[
{
"Action":"sts:AssumeRole",
"Principal":{
"Service":"ec2.amazonaws.com"
},
"Effect":"Allow"
}
]
}
EOF
}
resource "aws_iam_instance_profile" "my_team" {
name = "${var.instance_profile}"
role = "${aws_iam_role.my_team.name}"
}
resource "aws_iam_role_policy" "my_team" {
name = "my_team"
role = "${aws_iam_role.my_team.id}"
policy = <<EOF
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"s3:Get*",
"s3:List*"
],
"Resource": [
"arn:aws:s3:::${var.s3_bucket}",
"arn:aws:s3:::${var.s3_bucket}/*"
]
}
]
}
EOF
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment