infra(tf): add wip lambda role

author: Ellie <ecsymonds@gmail.com> 2024-08-13 11:58:02 +0100
committer: Ellie <ecsymonds@gmail.com> 2024-08-13 11:58:02 +0100
commit: 936eee1eb44d8bfdbd148d22b749966e9606fb46 (patch)
tree: 59e462ba8f43cb7896b29946fb47dbde7724be03 /terraform/iam.tf
parent: 65e470c0bce51381da8f401f0ba07bd20a76071f (diff)
download: de-project-bentley-936eee1eb44d8bfdbd148d22b749966e9606fb46.tar.gz
de-project-bentley-936eee1eb44d8bfdbd148d22b749966e9606fb46.zip
1 files changed, 6 insertions, 3 deletions
diff --git a/terraform/iam.tf b/terraform/iam.tf
index dda4d74..10b8749 100644
--- a/terraform/iam.tf
+++ b/terraform/iam.tf
@@ -23,6 +23,9 @@ resource "aws_iam_role" "bentley_service_role" {
 }
 
 # lambda setup
+resource "aws_iam_role" "lambda_role" {
+  assume_role_policy = data.aws_iam_policy_document.bentley_service_role.json
+}
 
 
 # s3 setup
@@ -44,14 +47,14 @@ data "aws_iam_policy_document" "s3_data_policy_doc" {
 }
 
 # write policy
-resource "aws_iam_policy" "s3_policy" {
+resource "aws_iam_policy" "s3_write_policy" {
     policy = data.aws_iam_policy_document.s3_data_policy_doc.json
 }
 
 # attach policy to role
 resource "aws_iam_role_policy_attachment" "s3_policy_attachment" {
-    role = aws_iam_role.bentley_service_role.name
-    policy_arn = aws_iam_policy.s3_policy.arn
+    role = aws_iam_role.lambda_role.name
+    policy_arn = aws_iam_policy.s3_write_policy.arn
 }
 
 # lambda setup
author	Ellie <ecsymonds@gmail.com>	2024-08-13 11:58:02 +0100
committer	Ellie <ecsymonds@gmail.com>	2024-08-13 11:58:02 +0100
commit	936eee1eb44d8bfdbd148d22b749966e9606fb46 (patch)
tree	59e462ba8f43cb7896b29946fb47dbde7724be03 /terraform/iam.tf
parent	65e470c0bce51381da8f401f0ba07bd20a76071f (diff)
download	de-project-bentley-936eee1eb44d8bfdbd148d22b749966e9606fb46.tar.gz de-project-bentley-936eee1eb44d8bfdbd148d22b749966e9606fb46.zip