From 4d52771ceee6841febc6179e0b9608fb35a792d9 Mon Sep 17 00:00:00 2001
From: lian-manonog <lian.manonog@gmail.com>
Date: Wed, 14 Aug 2024 12:36:22 +0100
Subject: change the attachment/policies, individual

---
 terraform/iam.tf | 31 +++++++++++++++++++++++--------
 1 file changed, 23 insertions(+), 8 deletions(-)

(limited to 'terraform/iam.tf')

diff --git a/terraform/iam.tf b/terraform/iam.tf
index f34d58a..cf4902a 100644
--- a/terraform/iam.tf
+++ b/terraform/iam.tf
@@ -117,14 +117,29 @@ resource "aws_iam_policy" "s3_write_policy" {
 }
 
 # S3 ATTACH POLICY
-resource "aws_iam_role_policy_attachment" "lambda_s3_policy_attachment" {
-  for_each = toset([
-    aws_iam_policy.s3_write_policy.arn,
-    aws_iam_policy.lambda_execution_policy.arn,
-    aws_iam_policy.cw_policy.arn
-  ])
-  role       = aws_iam_role.multi_service_role.name
-  policy_arn = each.value
+# resource "aws_iam_role_policy_attachment" "lambda_s3_policy_attachment" {
+#   for_each = toset([
+#     aws_iam_policy.s3_write_policy.arn,
+#     aws_iam_policy.lambda_execution_policy.arn,
+#     aws_iam_policy.cw_policy.arn
+#   ])
+#   role       = aws_iam_role.multi_service_role.name
+#   policy_arn = each.value
+# }
+
+resource "aws_iam_role_policy_attachment" "s3_attachment" {
+  role = aws_iam_role.multi_service_role.name
+  policy_arn = aws_iam_policy.s3_write_policy.arn
+}
+
+resource "aws_iam_role_policy_attachment" "lambda_attachment" {
+  role = aws_iam_role.multi_service_role.name
+  policy_arn = aws_iam_policy.lambda_execution_policy.arn
+}
+
+resource "aws_iam_role_policy_attachment" "cw_attachment" {
+  role = aws_iam_role.multi_service_role.name
+  policy_arn = aws_iam_policy.cw_policy.arn
 }
 
 ################
-- 
cgit v1.2.3