Skip to content

Instantly share code, notes, and snippets.

@sbrinkmeyer
Created August 28, 2017 20:13
Show Gist options
  • Save sbrinkmeyer/03636a5f902f773d811dc17daeb025a8 to your computer and use it in GitHub Desktop.
Save sbrinkmeyer/03636a5f902f773d811dc17daeb025a8 to your computer and use it in GitHub Desktop.
data "aws_iam_policy_document" "build_agent_role_policy" {
statement {
sid="TrustPolicyToAllowEC2AssumeRoleAction"
effect="Allow"
actions = ["sts:AssumeRole"]
principals {
type = "Service"
identifiers = [
"ec2.amazonaws.com"
]
}
}
}
resource "aws_iam_instance_profile" "build_agent_profile" {
name = "${var.customer_name}BuildAgentInstanceProfile"
role = "${aws_iam_role.build_agent_role.name}"
}
resource "aws_iam_role" "build_agent_role" {
name = "${var.customer_name}BuildAgentRole"
path = "/"
assume_role_policy = "${data.aws_iam_policy_document.build_agent_role_policy.json}"
}
resource "aws_iam_role_policy_attachment" "build_agent_policy_attach" {
role = "${aws_iam_role.build_agent_role.name}"
policy_arn = "${aws_iam_policy.build_agent_policy.arn}"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment