Home Explore Help
Register Sign In
AFS
/
xdr-terraform-modules
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge pull request #252 from mdr-engineering/feature/ftd_MSOCI-1881_JiraState

Adds Default Permissions to Jira-Server Instance Profile
Frederick Damstra 4 years ago
parent
083512977a e0c1e645e0
commit
d5a707b39f
1 changed files with 21 additions and 0 deletions
Split View Show Diff Stats
  1. 21 0
      base/jira/instance_jira/instance-profile.tf

+ 21 - 0
base/jira/instance_jira/instance-profile.tf
View File 

@@ -83,3 +83,24 @@ resource "aws_iam_role_policy_attachment" "jira_server_ecr" {
 
   role       = aws_iam_role.jira_server.name
 
   policy_arn = aws_iam_policy.jira_server_ecr_policy.arn
 
 }
 
+
 
+resource "aws_iam_role_policy_attachment" "jira_splunk_sh_AmazonEC2RoleforSSM" {
 
+  role       = aws_iam_role.jira_server.name
 
+  policy_arn = "arn:${var.aws_partition}:iam::aws:policy/service-role/AmazonEC2RoleforSSM"
 
+}
 
+
 
+resource "aws_iam_role_policy_attachment" "jira_splunk_sh_policy_attach_tag_read" {
 
+  role       = aws_iam_role.jira_server.name
 
+  policy_arn = "arn:${var.aws_partition}:iam::${var.aws_account_id}:policy/launchroles/default_instance_tag_read"
 
+}
 
+
 
+resource "aws_iam_role_policy_attachment" "jira_splunk_sh_policy_attach_cloudwatch" {
 
+  role       = aws_iam_role.jira_server.name
 
+  policy_arn = "arn:${var.aws_partition}:iam::${var.aws_account_id}:policy/cloudwatch_events"
 
+}
 
+
 
+#This policy needs to be create prior to creating the Salt Master
 
+resource "aws_iam_role_policy_attachment" "jira_splunk_sh_policy_attach_binaries" {
 
+  role       = aws_iam_role.jira_server.name
 
+  policy_arn = "arn:${var.aws_partition}:iam::${var.aws_account_id}:policy/launchroles/default_instance_s3_binaries"
 
+}