Terraform - Lambda 실행에 필요한 권한 추가

2024-01-29 17:15:45 +09:00
parent 773ce08893
commit 66d4cf04a7
2 changed files with 10 additions and 1 deletions
--- a/terraform/iam/policies/modules/policies.tf
+++ b/terraform/iam/policies/modules/policies.tf
@@ -21,6 +21,14 @@ resource "aws_iam_policy" "policy" {
          "ec2:Stop*"
        ],
        "Resource": "*"
+      },
+      {
+        "Sid": "Invoke",
+        "Effect": "Allow",
+        "Action": [
+            "lambda:InvokeFunction"
+        ],
+        "Resource": "*"
      }
    ]
  })
--- a/terraform/iam/users/variables.tf
+++ b/terraform/iam/users/variables.tf
@@ -9,8 +9,9 @@ variable "iam_users" {
  default = {
    dsk-devops = {
      policies = [
+        "arn:aws:iam::508259851457:policy/DSK_LambdaExecute",
        "arn:aws:iam::aws:policy/AmazonS3FullAccess",
-        "arn:aws:iam::aws:policy/AmazonEC2FullAccess"
+        "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"        
      ]
    }
  }