Startseite Erkunden Hilfe
Registrieren Anmelden
AWS
/
FredsCloudMonitor
2
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Struktur: 1d4049c6e2
Branches Tags
FredsCloudMonit...
/
sample
/
iam.shared.tf

iam.shared.tf 1.0 KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839 
  1. resource "aws_iam_policy" "fcm-lambda-base" {
    2. 

  2.   name        = "fcm-lambda-base"
    3. 

  3.   path        = "/fcm/"
    4. 

  4.   description = "FCM policy for EbsEncryptionByDefault Enforcement Analysis"
    5. 

  5. 

  6.   policy = <<LAMBDABASE
    7. 

  7. {
    8. 

  8.     "Version": "2012-10-17",
    9. 

  9.     "Statement": [
    10. 

  10.         {
    11. 

  11.             "Effect": "Allow",
    12. 

  12.             "Action": "logs:CreateLogGroup",
    13. 

  13.             "Resource": "arn:aws:logs:us-east-2:082012130604:log-group:*"
    14. 

  14.         },
    15. 

  15.         {
    16. 

  16.             "Effect": "Allow",
    17. 

  17.             "Action": [
    18. 

  18.                 "logs:CreateLogStream",
    19. 

  19.                 "logs:PutLogEvents"
    20. 

  20.             ],
    21. 

  21.             "Resource": "arn:aws:logs:us-east-2:082012130604:log-group:/aws/lambda/*"
    22. 

  22.         },
    23. 

  23.         {
    24. 

  24.             "Sid": "FCMRequiredAccess",
    25. 

  25.             "Effect": "Allow",
    26. 

  26.             "Action": [
    27. 

  27.                 "kms:Decrypt",
    28. 

  28.                 "kms:GenerateDataKey*",
    29. 

  29.                 "sqs:ReceiveMessage",
    30. 

  30.                 "sqs:DeleteMessage",
    31. 

  31.                 "sqs:GetQueueAttributes"
    32. 

  32.             ],
    33. 

  33.             "Resource": "*"
    34. 

  34.          }
    35. 

  35.      ]
    36. 

  36. }
    37. 

  37. LAMBDABASE
    38. 

  38. }
    39. 

  39.