Skip to content

Instantly share code, notes, and snippets.

@unbelauscht

unbelauscht/roleAmazonSSMManagedInstanceCore.tf

Last active November 9, 2021 07:42
Show Gist options
  • Save unbelauscht/aa11c175e37e02433c7532a11bfd52a8 to your computer and use it in GitHub Desktop.
Save unbelauscht/aa11c175e37e02433c7532a11bfd52a8 to your computer and use it in GitHub Desktop.
Download ZIP
Terraform AmazonSSMManagedInstanceCore
Raw
roleAmazonSSMManagedInstanceCore.tf
resource "aws_iam_instance_profile" "ssm_role" {
name = "ssm_role"
role = aws_iam_role.ssm_role.name
}
resource "aws_iam_role" "ssm_role" {
name = "ssm-role"
assume_role_policy = jsonencode(
{
Version = "2012-10-17"
Statement = {
Effect = "Allow"
Principal = {
Service = "ec2.amazonaws.com"
}
Action = "sts:AssumeRole"
}
}
)
}
resource "aws_iam_policy_attachment" "ssm_role" {
for_each = toset([
"arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore",
"arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM"
])
name = each.key
roles = [ aws_iam_role.ssm_role.name ]
policy_arn = each.key
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment