README.md 816 B
Standard IAM Policies module
Defines several well-known IAM policies.
Providers
| Name | Version |
|---|---|
| aws | ~2.0? |
| okta | ? |
Inputs
(none)
Policies created
| Policy Name | Description |
|---|---|
| mdr_engineer | "legacy" policy. Gives effectively PowerUserAccess but with limitations on iam:PassRole and sts:AssumeRole. |
| iam_admin_kms | "legacy" policy. Gives several kms:* actions related to creating, destroying, and managing keys. Encrypt and Decrypt are noticeably absent. |
| mdr_engineer_readonly_assumerole | Read only access to AWS console with ability to escalate to Terraformer role |
| mdr_terraformer | Full read/write access to (almost) everything. Has some limitations around PassRole and AssumeRole |