Fred Damstra ffc81e90b9 Decouples IAM terraform from the `live` repository		преди 5 години
..
README.md	ffc81e90b9 Decouples IAM terraform from the `live` repository	преди 5 години
datasources.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	преди 5 години
locals.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	преди 5 години
outputs.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	преди 5 години
policy-mdr_engineer.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	преди 5 години
policy-mdr_iam_admin.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	преди 5 години
policy-mdr_readonly_assumerole.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	преди 5 години
policy-mdr_terraformer.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	преди 5 години
versions.tf	ffc81e90b9 Decouples IAM terraform from the `live` repository	преди 5 години

Standard IAM Policies module

Defines several well-known IAM policies.

Providers

Name	Version
aws	~2.0?
okta	?

Inputs

(none)

Policies created

Policy Name	Description
mdr_engineer	"legacy" policy. Gives effectively PowerUserAccess but with limitations on iam:PassRole and sts:AssumeRole.
iam_admin_kms	"legacy" policy. Gives several `kms:*` actions related to creating, destroying, and managing keys. Encrypt and Decrypt are noticeably absent.
mdr_engineer_readonly_assumerole	Read only access to AWS console with ability to escalate to Terraformer role
mdr_terraformer	Full read/write access to (almost) everything. Has some limitations around PassRole and AssumeRole