File tree Expand file tree Collapse file tree 11 files changed +136
-169
lines changed Expand file tree Collapse file tree 11 files changed +136
-169
lines changed Load Diff This file was deleted.
Original file line number Diff line number Diff line change 1+ resource "aws_iam_group" "admin" {
2+ name = " developer-admin-group"
3+ }
4+
5+ resource "aws_iam_policy_attachment" "admin-attach" {
6+ name = " admin-attachment"
7+ groups = aws_iam_group . admin . name ]
8+ policy_arn = " arn:aws:iam::aws:policy/AdministratorAccess"
9+ }
10+ # Customer Policy Attachment
11+ resource "aws_iam_group" "custom_admin" {
12+ name = " developer-admin-grp-custom-policy-example"
13+ }
14+ resource "aws_iam_group_policy" "Custom_developer_admin_policy" {
15+ name = " my_developer_policy"
16+ group = . custom_admin . name
17+
18+ policy = << EOF
19+ {
20+ "Version": "2012-10-17",
21+ "Statement": [
22+ {
23+ "Action": "*",
24+ "Effect": "Allow",
25+ "Resource": "*"
26+ }
27+ ]
28+ }
29+ EOF
30+ }
31+
32+ resource "aws_iam_user_group_membership" "admin-users" {
33+ user = . demo-user . name
34+
35+ groups =
36+ aws_iam_group . admin . name
37+ ]
38+ }
39+
40+ resource "aws_iam_user_group_membership" "admin-users1" {
41+ user = . demo-user1 . name
42+
43+ groups =
44+ aws_iam_group . admin . name
45+ ]
46+ }
47+ resource "aws_iam_user" "demo-user" {
48+ name = " demo-user"
49+ }
50+
51+ resource "aws_iam_user" "demo-user1" {
52+ name = " demo-user1"
53+ }
Original file line number Diff line number Diff line change 1+ provider "aws" {
2+ region = " eu-west-1"
3+ }
Load Diff This file was deleted.
Original file line number Diff line number Diff line change 1+
2+ resource "aws_instance" "iam_role_instance_example" {
3+ ami = lookup (var. ami_id , var. region )
4+ instance_type = . instance_type
5+ iam_instance_profile = . ec2_profile . name
6+ # key name
7+ key_name = . key_name
8+ # User data passing through template rendering
9+
10+ tags =
11+ Name = " Roles with Ec2"
12+ }
13+ }
14+
15+ output "public_ip" {
16+ value = . iam_role_instance_example . public_ip
17+ }
Original file line number Diff line number Diff line change 1+ provider "aws" {
2+ region = . region
3+ }
4+
5+ resource "aws_iam_role" "s3_access_role" {
6+ name = " s3-access-role"
7+
8+ assume_role_policy = << EOF
9+ {
10+ "Version": "2012-10-17",
11+ "Statement": [
12+ {
13+ "Action": "sts:AssumeRole",
14+ "Principal": {
15+ "Service": "ec2.amazonaws.com"
16+ },
17+ "Effect": "Allow",
18+ "Sid": ""
19+ }
20+ ]
21+ }
22+ EOF
23+
24+ }
25+
26+ resource "aws_iam_instance_profile" "ec2_profile" {
27+ name = " ec2_profile"
28+ role = . s3_access_role . name
29+ }
30+
31+ resource "aws_iam_role_policy" "s3_bcuket_access_policy" {
32+ name = " s3_bcuket_access_policy"
33+ role = . s3_access_role . id
34+
35+ policy = <<- EOF
36+ {
37+ "Version": "2012-10-17",
38+ "Statement": [
39+ {
40+ "Action": [
41+ "s3:*"
42+ ],
43+ "Effect": "Allow",
44+ "Resource": [
45+ "arn:aws:s3:::iambucketdemo-dfredf",
46+ "arn:aws:s3:::iambucketdemo-dfredf/*"
47+ ]
48+ }
49+ ]
50+ }
51+ EOF
52+ }
Original file line number Diff line number Diff line change 1+ resource "aws_s3_bucket" "iam_demo_bucket_name" {
2+ bucket = " iambucketdemo-dfredf"
3+ acl = " private"
4+
5+ tags =
6+ Name = " My bucket"
7+ Environment = " Demo"
8+ }
9+
10+ }
Original file line number Diff line number Diff line change @@ -5,7 +5,7 @@ variable "region" {
55variable "ami_id" {
66 type = " map"
77 default =
8- us-east-1 = " ami-035b3c7efe6d061d5 "
8+ us-east-1 = " ami-04d29b6f966df1537 "
99 eu-west-2 = " ami-132b3c7efe6sdfdsfd"
1010 eu-central-1 = " ami-9787h5h6nsn75gd33"
1111 }
Load Diff This file was deleted.
Load Diff This file was deleted.
You can’t perform that action at this time.
0 commit comments