Skip to content

Instantly share code, notes, and snippets.

@nabarunchatterjee

nabarunchatterjee/role.tf

Created March 8, 2018 14:13
Show Gist options
  • Save nabarunchatterjee/d406bc5e517fe65f30a4e22f929974b3 to your computer and use it in GitHub Desktop.
Save nabarunchatterjee/d406bc5e517fe65f30a4e22f929974b3 to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. nabarunchatterjee created this gist Mar 8, 2018.
    40 changes: 40 additions & 0 deletions role.tf
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,40 @@
    data "aws_iam_policy_document" "latest-random-assume-role-policy-document" {
    statement {
    actions = ["sts:AssumeRole"]

    principals {
    type = "Service"
    identifiers = ["ec2.amazonaws.com"]
    }
    }
    }

    data "aws_iam_policy_document" "latest-random-policy-document" {
    statement {
    actions = ["s3:Get*", "s3:List*"]

    resources = ["*"]
    }

    statement {
    actions = ["ec2:*", "iam:PassRole", "cloudwatch:GetMetricStatistics", "cloudwatch:DescribeAlarms", "ecs:*", "elasticloadbalancing:*", "rds:*", "opsworks:*", "route53:*", "s3:*"]

    resources = ["*"]
    }
    }


    resource "aws_iam_policy" "latest-random-policy" {
    name = "latest-random-policy"
    path = "/terraform/"
    policy = "${data.aws_iam_policy_document.latest-random-policy-document.json}"
    }
    resource "aws_iam_role" "latest-random-role" {
    name = "latest-random-role"
    assume_role_policy = "${data.aws_iam_policy_document.latest-random-assume-role-policy-document.json}"
    }

    resource "aws_iam_role_policy_attachment" "latest-random-attachment" {
    role = "${aws_iam_role.latest-random-role.name}"
    policy_arn = "${aws_iam_policy.latest-random-policy.arn}"
    }