| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859 |
- resource "aws_iam_policy" "FIAM-COMMON-RestrictRegions" {
- name = "FIAM-COMMON-RestrictRegions"
- path = "/FIAM/"
- description = "Basic for delegated IAM"
- policy = "${data.template_file.FIAM-COMMON-RestrictRegions.rendered}"
- }
- data "template_file" "FIAM-COMMON-RestrictRegions" {
- template = "${file("../policies/FIAM-COMMON-RestrictRegions.json")}"
- vars = {
- account = "${data.aws_caller_identity.current.account_id}"
- }
- }
- resource "aws_iam_policy" "FIAM-COMMON-RestrictServices" {
- name = "FIAM-COMMON-RestrictServices"
- path = "/FIAM/"
- description = "Basic for delegated IAM"
- policy = "${data.template_file.FIAM-COMMON-RestrictServices.rendered}"
- }
- data "template_file" "FIAM-COMMON-RestrictServices" {
- template = "${file("../policies/FIAM-COMMON-RestrictServices.json")}"
- vars = {
- account = "${data.aws_caller_identity.current.account_id}"
- }
- }
- resource "aws_iam_policy" "FIAM-COMMON-IAMBasics" {
- name = "FIAM-COMMON-IAMBasics"
- path = "/FIAM/"
- description = "Basic for delegated IAM"
- policy = "${data.template_file.FIAM-COMMON-IAMBasics.rendered}"
- }
- data "template_file" "FIAM-COMMON-IAMBasics" {
- template = "${file("../policies/FIAM-COMMON-IAMBasics.json")}"
- vars = {
- account = "${data.aws_caller_identity.current.account_id}"
- }
- }
- resource "aws_iam_policy" "FIAM-COMMON-IAM-EC2" {
- name = "FIAM-COMMON-IAM-EC2"
- path = "/FIAM/"
- description = "EC2 permissiosns for delegated IAM access"
- policy = "${data.template_file.FIAM-COMMON-IAM-EC2.rendered}"
- }
- data "template_file" "FIAM-COMMON-IAM-EC2" {
- template = "${file("../policies/FIAM-COMMON-IAM-EC2.json")}"
- vars = {
- account = "${data.aws_caller_identity.current.account_id}"
- }
- }
|
