From 66d4cf04a71208a361f11d51b2b1327f576e3ec3 Mon Sep 17 00:00:00 2001
From: dsk-minchulahn <minchulahn@ex-em.com>
Date: Mon, 29 Jan 2024 17:15:45 +0900
Subject: [PATCH] =?UTF-8?q?Terraform=20-=20Lambda=20=EC=8B=A4=ED=96=89?=
 =?UTF-8?q?=EC=97=90=20=ED=95=84=EC=9A=94=ED=95=9C=20=EA=B6=8C=ED=95=9C=20?=
 =?UTF-8?q?=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 terraform/iam/policies/modules/policies.tf | 8 ++++++++
 terraform/iam/users/variables.tf           | 3 ++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/terraform/iam/policies/modules/policies.tf b/terraform/iam/policies/modules/policies.tf
index 219e30a..e3620b6 100644
--- a/terraform/iam/policies/modules/policies.tf
+++ b/terraform/iam/policies/modules/policies.tf
@@ -21,6 +21,14 @@ resource "aws_iam_policy" "policy" {
           "ec2:Stop*"
         ],
         "Resource": "*"
+      },
+      {
+        "Sid": "Invoke",
+        "Effect": "Allow",
+        "Action": [
+            "lambda:InvokeFunction"
+        ],
+        "Resource": "*"
       }
     ]
   })
diff --git a/terraform/iam/users/variables.tf b/terraform/iam/users/variables.tf
index 71d6dbd..3ae91b2 100644
--- a/terraform/iam/users/variables.tf
+++ b/terraform/iam/users/variables.tf
@@ -9,8 +9,9 @@ variable "iam_users" {
   default = {
     dsk-devops = {
       policies = [
+        "arn:aws:iam::508259851457:policy/DSK_LambdaExecute",
         "arn:aws:iam::aws:policy/AmazonS3FullAccess",
-        "arn:aws:iam::aws:policy/AmazonEC2FullAccess"
+        "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"        
       ]
     }
   }