phisinees/iam_users_group_with_role

## iam_users_group_with_role
resource "aws_iam_group" "business_intelligence_group" {
  name = "Business_Intelligence"
}

resource "aws_iam_group_membership" "business_intelligence_group_members" {
  group = aws_iam_group.business_intelligence_group.name
  name  = "Business_Intelligence_Membership"

  users = []
}

resource "aws_iam_group_policy_attachment" "business_intelligence_group" {
  group      = aws_iam_group.business_intelligence_group.name
  policy_arn = aws_iam_policy.business_intelligence_policy.arn
}

resource "aws_iam_policy" "business_intelligence_policy" {
  name   = "bi_group_policy"
  policy = data.aws_iam_policy_document.business_intelligence_policy_document.json
}

data "aws_iam_policy_document" "business_intelligence_policy_document" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRole"]

    resources = [
      "arn:aws:iam::${local.master_account_id}:role/Business_Intelligence",
    ]
  }
}
	resource "aws_iam_group" "business_intelligence_group" {
	name = "Business_Intelligence"
	}

	resource "aws_iam_group_membership" "business_intelligence_group_members" {
	group = aws_iam_group.business_intelligence_group.name
	name = "Business_Intelligence_Membership"

	users = []
	}

	resource "aws_iam_group_policy_attachment" "business_intelligence_group" {
	group = aws_iam_group.business_intelligence_group.name
	policy_arn = aws_iam_policy.business_intelligence_policy.arn
	}

	resource "aws_iam_policy" "business_intelligence_policy" {
	name = "bi_group_policy"
	policy = data.aws_iam_policy_document.business_intelligence_policy_document.json
	}

	data "aws_iam_policy_document" "business_intelligence_policy_document" {
	statement {
	effect = "Allow"
	actions = ["sts:AssumeRole"]

	resources = [
	"arn:aws:iam::${local.master_account_id}:role/Business_Intelligence",
	]
	}
	}