module "sso_inline_policy_generator" {
source = "./"
permissions = [
{
name = "developers"
statements = [
{
effect = "Allow"
actions = [
"rds:*",
"ecs:*"
]
resources = concat([
data.terraform_remote_state.rds.outputs.cluster_arn,
],
data.terraform_remote_state.lb.outputs.alb_private_arns
)
},
{
effect = "Deny"
actions = [
"s3:*",
]
resources = [
aws_s3_bucket.test.arn
]
}
]
},
{
name = "qa"
statements = [
{
effect = "Allow"
actions = [
"s3:List*",
"s3:Get*",
]
resources = [
aws_s3_bucket.test.arn
]
}
]
}
]
}
Name | Version |
---|---|
terraform | >= 0.13.1 |
aws | >= 4.0 |
Name | Version |
---|---|
aws | >= 4.0 |
No modules.
Name | Type |
---|---|
aws_iam_policy_document.this | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
permissions | List of policies that you want to create with the IAM Policy format. Defaults to empty list. | set(object({ |
[] |
no |
Name | Description |
---|---|
policies_json | Object with the JSON of the generated IAM policies. |