Terraform - IAM - Role, Policies 구성

2024-01-26 17:20:37 +09:00
parent 33fbacaa2c
commit 61149888de
11 changed files with 141 additions and 0 deletions
--- a/terraform/iam/policies/modules/policies.tf
+++ b/terraform/iam/policies/modules/policies.tf
@@ -0,0 +1,27 @@
+resource "aws_iam_policy" "policy" {
+  name        = "DSK_LambdaExecute"
+  path        = "/"
+
+  policy = jsonencode({
+    "Version": "2012-10-17",
+    "Statement": [
+      {
+        "Effect": "Allow",
+        "Action": [
+          "logs:CreateLogGroup",
+          "logs:CreateLogStream",
+          "logs:PutLogEvents"
+        ],
+        "Resource": "arn:aws:logs:*:*:*"
+      },
+      {
+        "Effect": "Allow",
+        "Action": [
+          "ec2:Start*",
+          "ec2:Stop*"
+        ],
+        "Resource": "*"
+      }
+    ]
+  })
+}