diff options
| author | lian-manonog <lian.manonog@gmail.com> | 2024-08-14 12:36:22 +0100 |
|---|---|---|
| committer | lian-manonog <lian.manonog@gmail.com> | 2024-08-14 12:36:22 +0100 |
| commit | 4d52771ceee6841febc6179e0b9608fb35a792d9 (patch) | |
| tree | 321fa75816c8f1152bc65f8cb00b43c9ffc8337b | |
| parent | 6caff95389a6054f8fe1d1c9c23db9a251b6b355 (diff) | |
| download | de-project-bentley-4d52771ceee6841febc6179e0b9608fb35a792d9.tar.gz de-project-bentley-4d52771ceee6841febc6179e0b9608fb35a792d9.zip | |
change the attachment/policies, individual
| -rw-r--r-- | terraform/iam.tf | 31 |
1 files changed, 23 insertions, 8 deletions
diff --git a/terraform/iam.tf b/terraform/iam.tf index f34d58a..cf4902a 100644 --- a/terraform/iam.tf +++ b/terraform/iam.tf @@ -117,14 +117,29 @@ resource "aws_iam_policy" "s3_write_policy" { } # S3 ATTACH POLICY -resource "aws_iam_role_policy_attachment" "lambda_s3_policy_attachment" { - for_each = toset([ - aws_iam_policy.s3_write_policy.arn, - aws_iam_policy.lambda_execution_policy.arn, - aws_iam_policy.cw_policy.arn - ]) - role = aws_iam_role.multi_service_role.name - policy_arn = each.value +# resource "aws_iam_role_policy_attachment" "lambda_s3_policy_attachment" { +# for_each = toset([ +# aws_iam_policy.s3_write_policy.arn, +# aws_iam_policy.lambda_execution_policy.arn, +# aws_iam_policy.cw_policy.arn +# ]) +# role = aws_iam_role.multi_service_role.name +# policy_arn = each.value +# } + +resource "aws_iam_role_policy_attachment" "s3_attachment" { + role = aws_iam_role.multi_service_role.name + policy_arn = aws_iam_policy.s3_write_policy.arn +} + +resource "aws_iam_role_policy_attachment" "lambda_attachment" { + role = aws_iam_role.multi_service_role.name + policy_arn = aws_iam_policy.lambda_execution_policy.arn +} + +resource "aws_iam_role_policy_attachment" "cw_attachment" { + role = aws_iam_role.multi_service_role.name + policy_arn = aws_iam_policy.cw_policy.arn } ################ |