Duane Waddle 310ac1ea6c [MSOCI-1313] Add codebuild to passrole for terraformer		пре 5 година
..
README.md	ffc81e90b9 Decouples IAM terraform from the `live` repository	пре 5 година
datasources.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	пре 5 година
locals.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	пре 5 година
outputs.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	пре 5 година
policy-mdr_engineer.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	пре 5 година
policy-mdr_iam_admin.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	пре 5 година
policy-mdr_readonly_assumerole.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	пре 5 година
policy-mdr_terraformer.tf	310ac1ea6c [MSOCI-1313] Add codebuild to passrole for terraformer	пре 5 година
versions.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	пре 5 година

Standard IAM Policies module

Defines several well-known IAM policies.

Providers

Name	Version
aws	~2.0?
okta	?

Inputs

(none)

Policies created

Policy Name	Description
mdr_engineer	"legacy" policy. Gives effectively PowerUserAccess but with limitations on iam:PassRole and sts:AssumeRole.
iam_admin_kms	"legacy" policy. Gives several `kms:*` actions related to creating, destroying, and managing keys. Encrypt and Decrypt are noticeably absent.
mdr_engineer_readonly_assumerole	Read only access to AWS console with ability to escalate to Terraformer role
mdr_terraformer	Full read/write access to (almost) everything. Has some limitations around PassRole and AssumeRole