~nromdotcom/gemif

ref: 82bb8de4168fc18f3c6ebab80136c6ed5d7a7363 gemif/infra/iam.tf -rw-r--r-- 652 bytes
82bb8de4Norm MacLennan Clean up the Terraform a bit 1 year, 1 month ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
resource "aws_iam_instance_profile" "gemif" {
  name = "gemif-profile"
  role = aws_iam_role.gemif.name
}

resource "aws_iam_role" "gemif" {
  name = "gemif-role"
  path = "/"

  assume_role_policy = data.aws_iam_policy_document.ec2_assume.json
}

data "aws_iam_policy_document" "ec2_assume" {
  version = "2012-10-17"
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
    effect = "Allow"
  }
}

resource "aws_iam_role_policy_attachment" "gemif_ssm" {
  role       = aws_iam_role.gemif.name
  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM"
}