aws_iam_policy_attachment
Attaches a Managed IAM Policy to user(s), role(s), and/or group(s)
~> NOTE: The aws_iam_policy_attachment resource is only meant to be used once for each managed policy. All of the users/roles/groups that a single policy is being attached to should be declared by a single aws_iam_policy_attachment resource.
resource:
  aws_iam_user:
    user:
      name: test-user
  aws_iam_role:
    role:
      name: test-role
  aws_iam_group:
    group:
      name: test-group
  aws_iam_policy:
    policy:
      name: test-policy
      description: 'A test policy'
      policy:
  aws_iam_policy_attachment:
    test-attach:
      name: test-attachment
      users:
        - '${aws_iam_user.user.name}'
      roles:
        - '${aws_iam_role.role.name}'
      groups:
        - '${aws_iam_group.group.name}'
      policy_arn: '${aws_iam_policy.policy.arn}'
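A check for the rule in the note above, added here as an example and not part of the Terraform documentation: it flags any policy_arn declared by more than one aws_iam_policy_attachment resource and computes the merged users/roles/groups that a single resource would declare. It assumes the configuration is already parsed into a dict with the layout of the example above; extra-attach, other-attach and the second policy reference are constructed for the sample.

```python
from collections import defaultdict

POLICY = "${aws_iam_policy.policy.arn}"
OTHER = "${aws_iam_policy.other.arn}"  # hypothetical second policy

# Constructed sample: test-attach follows the page's example; extra-attach and
# other-attach are hypothetical additions. extra-attach reuses POLICY.
CONFIG = {
    "resource": {
        "aws_iam_policy_attachment": {
            "test-attach": {"name": "test-attachment", "policy_arn": POLICY,
                            "users": ["${aws_iam_user.user.name}"]},
            "extra-attach": {"name": "extra-attachment", "policy_arn": POLICY,
                             "roles": ["${aws_iam_role.role.name}"]},
            "other-attach": {"name": "other-attachment", "policy_arn": OTHER,
                             "groups": ["${aws_iam_group.group.name}"]},
        }
    }
}


def _attachments(config):
    return config.get("resource", {}).get("aws_iam_policy_attachment", {})


def find_duplicate_attachments(config):
    """Map each policy_arn declared by more than one attachment to its resource names."""
    by_arn = defaultdict(list)
    for res_name, body in _attachments(config).items():
        by_arn[body["policy_arn"].strip()].append(res_name)
    return {arn: sorted(names) for arn, names in by_arn.items() if len(names) > 1}


def merged_principals(config, policy_arn):
    """Union of users/roles/groups over all attachments of one policy, i.e. the
    lists a single consolidated aws_iam_policy_attachment would declare."""
    merged = {"users": set(), "roles": set(), "groups": set()}
    for body in _attachments(config).values():
        if body["policy_arn"].strip() == policy_arn:
            for kind in merged:
                merged[kind].update(body.get(kind, []))
    return {kind: sorted(vals) for kind, vals in merged.items()}


if __name__ == "__main__":
    for arn, names in find_duplicate_attachments(CONFIG).items():
        print(arn, "declared by", names, "->", merged_principals(CONFIG, arn))
```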
Argument Reference
The following arguments are supported:
name
(Required) - The name of the policy. This cannot be an empty string.
users
(Optional) - The user(s) the policy should be applied to
roles
(Optional) - The role(s) the policy should be applied to
groups
(Optional) - The group(s) the policy should be applied to
policy_arn
(Required) - The ARN of the policy you want to apply
Attributes Reference
The following attributes are exported:
id
- The policy’s ID.
name
- The name of the policy.
See the source of this document at Terraform.io