likwid/gist:4e49ffe9cd0f548c3ec41c77a82d2fc9

## gistfile1.txt
/**
 * The iam-roles module manages iam roles and permissions to AWS API calls
 *
 * Usage:
 *
 *    module "iam_roles" {
 *      source      = "../terraform-modules//iam-roles"
 *      name        = "Something"
 *      environment = "awslabsaccount"
 *      role_name   = "describe"
 *      policy_json = "{ }"
 *    }
 *
 */

variable "name" {
  description = "Namespacing for roles"
}

variable "environment" {
  description = "Environment namespacing"
}

variable "role_name" {
  description = "Name of role"
}

variable "role_description" {
  default     = "Description of Role, this should be updated in Terraform"
  description = "Describes the role"
}

variable "policy_json" {
  description = "JSON document representing policy"
}

data "aws_iam_policy_document" "assume_role_ec2" {
  statement {
    actions = [
      "sts:AssumeRole"
    ]

    principals {
      type = "Service"
      identifiers = [
        "ec2.amazonaws.com"
      ]
    }
  }
}

resource "aws_iam_policy" "current" {
  name        = "${format("%s-%s-%s", var.name, var.environment, var.role_name)}"
  description = "${var.role_description}"
  policy      = "${var.policy_json}"
}

resource "aws_iam_role" "current" {
  name               = "${format("%s-%s-%s", var.name, var.environment, var.role_name)}"
  assume_role_policy = "${data.aws_iam_policy_document.assume_role_ec2.json}"
}

resource "aws_iam_instance_profile" "current" {
  name  = "${format("%s-%s-%s", var.name, var.environment, var.role_name)}"
  path  = "/"
  roles = ["${aws_iam_role.current.name}"]
}

resource "aws_iam_policy_attachment" "current" {
  name       = "${format("%s-%s-%s", var.name, var.environment, var.role_name)}"
  roles      = ["${aws_iam_role.current.name}"]
  policy_arn = "${aws_iam_policy.current.arn}"
}

output "arn" {
  value = "${aws_iam_role.current.arn}"
}

output "role_name" {
  value = "${aws_iam_role.current.name}"
}

output "profile_id" {
  value = "${aws_iam_instance_profile.current.id}"
}

output "profile_name" {
  value = "${aws_iam_instance_profile.current.name}"
}
	/**
	* The iam-roles module manages iam roles and permissions to AWS API calls
	*
	* Usage:
	*
	* module "iam_roles" {
	* source = "../terraform-modules//iam-roles"
	* name = "Something"
	* environment = "awslabsaccount"
	* role_name = "describe"
	* policy_json = "{ }"
	* }
	*
	*/

	variable "name" {
	description = "Namespacing for roles"
	}

	variable "environment" {
	description = "Environment namespacing"
	}

	variable "role_name" {
	description = "Name of role"
	}

	variable "role_description" {
	default = "Description of Role, this should be updated in Terraform"
	description = "Describes the role"
	}

	variable "policy_json" {
	description = "JSON document representing policy"
	}

	data "aws_iam_policy_document" "assume_role_ec2" {
	statement {
	actions = [
	"sts:AssumeRole"
	]

	principals {
	type = "Service"
	identifiers = [
	"ec2.amazonaws.com"
	]
	}
	}
	}

	resource "aws_iam_policy" "current" {
	name = "${format("%s-%s-%s", var.name, var.environment, var.role_name)}"
	description = "${var.role_description}"
	policy = "${var.policy_json}"
	}

	resource "aws_iam_role" "current" {
	name = "${format("%s-%s-%s", var.name, var.environment, var.role_name)}"
	assume_role_policy = "${data.aws_iam_policy_document.assume_role_ec2.json}"
	}

	resource "aws_iam_instance_profile" "current" {
	name = "${format("%s-%s-%s", var.name, var.environment, var.role_name)}"
	path = "/"
	roles = ["${aws_iam_role.current.name}"]
	}

	resource "aws_iam_policy_attachment" "current" {
	name = "${format("%s-%s-%s", var.name, var.environment, var.role_name)}"
	roles = ["${aws_iam_role.current.name}"]
	policy_arn = "${aws_iam_policy.current.arn}"
	}

	output "arn" {
	value = "${aws_iam_role.current.arn}"
	}

	output "role_name" {
	value = "${aws_iam_role.current.name}"
	}

	output "profile_id" {
	value = "${aws_iam_instance_profile.current.id}"
	}

	output "profile_name" {
	value = "${aws_iam_instance_profile.current.name}"
	}