Fred Damstra [afs macbook] 5713a943b8 Removes path restrictions for mdr_terraformer role 2 years ago
README.md ffc81e90b9 Decouples IAM terraform from the `live` repository 5 years ago
datasources.tf ffc81e90b9 Decouples IAM terraform from the `live` repository 5 years ago
locals.tf ffc81e90b9 Decouples IAM terraform from the `live` repository 5 years ago
outputs.tf baa1f43824 Applied `terraform fmt` to all modules 3 years ago
policy-mdr_engineer.tf 82b8d76a53 Updates tfsec/checkov Ignore comments for aws-iam-no-policy-wildcards 3 years ago
policy-mdr_feedmgmt.tf 82b8d76a53 Updates tfsec/checkov Ignore comments for aws-iam-no-policy-wildcards 3 years ago
policy-mdr_iam_admin.tf 82b8d76a53 Updates tfsec/checkov Ignore comments for aws-iam-no-policy-wildcards 3 years ago
policy-mdr_readonly_assumerole.tf 67c98b7677 Updates IMDS & ECR encryption syntax | tfsec/chekov ignores | 3 years ago
policy-mdr_terraformer.tf 5713a943b8 Removes path restrictions for mdr_terraformer role 2 years ago

README.md

Standard IAM Policies module

Defines several well-known IAM policies.

Providers

| Name | Version |
|------|---------|
| aws  | ~2.0?   |
| okta | ?       |

Inputs

(none)

Policies created

| Policy Name | Description |
|-------------|-------------|
| mdr_engineer | "legacy" policy. Gives effectively PowerUserAccess, but with limitations on `iam:PassRole` and `sts:AssumeRole`. |
| iam_admin_kms | "legacy" policy. Gives several `kms:*` actions related to creating, destroying, and managing keys. Encrypt and Decrypt are noticeably absent. |
| mdr_engineer_readonly_assumerole | Read-only access to the AWS console, with the ability to escalate to the Terraformer role. |
| mdr_terraformer | Full read/write access to (almost) everything. Has some limitations around PassRole and AssumeRole. |