sa_8001/dsk-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
havelight-ee
2023-08-09 12:10:53 +09:00
parent a63999d4cc
commit b576d18f0f
5 changed files with 656 additions and 655 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
terraform/aws_iam/policy.tf
View File

@@ -1,13 +1,11 @@
locals {
services = {
"S3" : "s3",
"EFS" : "elasticfilesystem",
"EC2" : "ec2",
"Route53" : "route53",
"Lambda" : "lambda",
"CloudWatch" : "cloudwatch",
"CloudTrail" : "cloudtrail"
"Logs" : "logs"
"CloudTrail" : "cloudtrail",
"Logs" : "logs",
"S3" : "s3",
"Ec2" : "ec2",
"Sqs" : "sqs"
}
}
@@ -74,4 +72,3 @@ resource "aws_iam_group_policy_attachment" "full_access" {
group = each.value.name
policy_arn = aws_iam_policy.full_access[each.key].arn
}

616
terraform/aws_iam/terraform.tfstate
View File

@@ -1,9 +1,18 @@
{
"version": 4,
"terraform_version": "1.3.7",
"serial": 701,
"terraform_version": "1.4.6",
"serial": 785,
"lineage": "757d2b20-88b9-4a16-2150-6bd77f71aa53",
"outputs": {},
"outputs": {
"bypark_password": {
"value": [],
"type": [
"tuple",
[]
],
"sensitive": true
}
},
"resources": [
{
"mode": "managed",
@@ -19,7 +28,7 @@
"id": "CloudTrail_Full_Access_Group",
"name": "CloudTrail_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TARHMCHENK6"
"unique_id": "AGPAXMVVF3TA623FQKNMU"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -32,46 +41,20 @@
"id": "CloudWatch_Full_Access_Group",
"name": "CloudWatch_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TATSL6XWSWS"
"unique_id": "AGPAXMVVF3TARP2XD6BSE"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/EC2_Full_Access_Group",
"id": "EC2_Full_Access_Group",
"name": "EC2_Full_Access_Group",
"arn": "arn:aws:iam::508259851457:group/Ec2_Full_Access_Group",
"id": "Ec2_Full_Access_Group",
"name": "Ec2_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAWVRAXFSZN"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/EFS_Full_Access_Group",
"id": "EFS_Full_Access_Group",
"name": "EFS_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TA3NHH2LSWE"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Lambda_Full_Access_Group",
"id": "Lambda_Full_Access_Group",
"name": "Lambda_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TA4447WTA7O"
"unique_id": "AGPAXMVVF3TAVMNBJPA5W"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -84,20 +67,7 @@
"id": "Logs_Full_Access_Group",
"name": "Logs_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAW6MCBAETP"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Route53",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Route53_Full_Access_Group",
"id": "Route53_Full_Access_Group",
"name": "Route53_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAU6Q75T4KR"
"unique_id": "AGPAXMVVF3TAY7W4U7VBX"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -110,7 +80,20 @@
"id": "S3_Full_Access_Group",
"name": "S3_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAVOEQDWJTF"
"unique_id": "AGPAXMVVF3TA4JNQAGBSN"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Sqs_Full_Access_Group",
"id": "Sqs_Full_Access_Group",
"name": "Sqs_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAUT2BUOIPE"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -150,40 +133,14 @@
"private": "bnVsbA=="
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/EC2_ReadOnly_Access_Group",
"id": "EC2_ReadOnly_Access_Group",
"name": "EC2_ReadOnly_Access_Group",
"arn": "arn:aws:iam::508259851457:group/Ec2_ReadOnly_Access_Group",
"id": "Ec2_ReadOnly_Access_Group",
"name": "Ec2_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TA6SQQKP3FI"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/EFS_ReadOnly_Access_Group",
"id": "EFS_ReadOnly_Access_Group",
"name": "EFS_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAUX2TUR77F"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Lambda_ReadOnly_Access_Group",
"id": "Lambda_ReadOnly_Access_Group",
"name": "Lambda_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TA37JEABZXM"
"unique_id": "AGPAXMVVF3TAUF5H5H4YY"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -201,19 +158,6 @@
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Route53",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Route53_ReadOnly_Access_Group",
"id": "Route53_ReadOnly_Access_Group",
"name": "Route53_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAZ7YWIQMAB"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "S3",
"schema_version": 0,
@@ -222,7 +166,20 @@
"id": "S3_ReadOnly_Access_Group",
"name": "S3_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TA2U5VN542E"
"unique_id": "AGPAXMVVF3TA46ZZ6TCUN"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Sqs_ReadOnly_Access_Group",
"id": "Sqs_ReadOnly_Access_Group",
"name": "Sqs_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TATXM6AF2K3"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -240,7 +197,7 @@
"schema_version": 0,
"attributes": {
"group": "CloudTrail_Full_Access_Group",
"id": "CloudTrail_Full_Access_Group-20230509124530613200000012",
"id": "CloudTrail_Full_Access_Group-20230808011214157000000007",
"policy_arn": "arn:aws:iam::508259851457:policy/CloudTrail_Full_Access"
},
"sensitive_attributes": [],
@@ -255,7 +212,7 @@
"schema_version": 0,
"attributes": {
"group": "CloudWatch_Full_Access_Group",
"id": "CloudWatch_Full_Access_Group-20230509124531008500000016",
"id": "CloudWatch_Full_Access_Group-20230808011214157900000008",
"policy_arn": "arn:aws:iam::508259851457:policy/CloudWatch_Full_Access"
},
"sensitive_attributes": [],
@@ -266,42 +223,12 @@
]
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"group": "EC2_Full_Access_Group",
"id": "EC2_Full_Access_Group-2023050912453057880000000e",
"policy_arn": "arn:aws:iam::508259851457:policy/EC2_Full_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.full_access",
"aws_iam_policy.full_access"
]
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"group": "EFS_Full_Access_Group",
"id": "EFS_Full_Access_Group-20230509124530993200000015",
"policy_arn": "arn:aws:iam::508259851457:policy/EFS_Full_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.full_access",
"aws_iam_policy.full_access"
]
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"group": "Lambda_Full_Access_Group",
"id": "Lambda_Full_Access_Group-20230509124531068800000017",
"policy_arn": "arn:aws:iam::508259851457:policy/Lambda_Full_Access"
"group": "Ec2_Full_Access_Group",
"id": "Ec2_Full_Access_Group-20230808011214139600000005",
"policy_arn": "arn:aws:iam::508259851457:policy/Ec2_Full_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
@@ -315,7 +242,7 @@
"schema_version": 0,
"attributes": {
"group": "Logs_Full_Access_Group",
"id": "Logs_Full_Access_Group-20230517065650690000000002",
"id": "Logs_Full_Access_Group-20230808011214142500000006",
"policy_arn": "arn:aws:iam::508259851457:policy/Logs_Full_Access"
},
"sensitive_attributes": [],
@@ -325,27 +252,12 @@
"aws_iam_policy.full_access"
]
},
{
"index_key": "Route53",
"schema_version": 0,
"attributes": {
"group": "Route53_Full_Access_Group",
"id": "Route53_Full_Access_Group-20230509124530592000000010",
"policy_arn": "arn:aws:iam::508259851457:policy/Route53_Full_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.full_access",
"aws_iam_policy.full_access"
]
},
{
"index_key": "S3",
"schema_version": 0,
"attributes": {
"group": "S3_Full_Access_Group",
"id": "S3_Full_Access_Group-20230509124530601100000011",
"id": "S3_Full_Access_Group-20230808011214137700000004",
"policy_arn": "arn:aws:iam::508259851457:policy/S3_Full_Access"
},
"sensitive_attributes": [],
@@ -354,6 +266,21 @@
"aws_iam_group.full_access",
"aws_iam_policy.full_access"
]
},
{
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"group": "Sqs_Full_Access_Group",
"id": "Sqs_Full_Access_Group-20230808014232527900000001",
"policy_arn": "arn:aws:iam::508259851457:policy/Sqs_Full_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.full_access",
"aws_iam_policy.full_access"
]
}
]
},
@@ -394,42 +321,12 @@
]
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"group": "EC2_ReadOnly_Access_Group",
"id": "EC2_ReadOnly_Access_Group-20230509124529978000000001",
"policy_arn": "arn:aws:iam::508259851457:policy/EC2_ReadOnly_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.read_only",
"aws_iam_policy.read_only"
]
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"group": "EFS_ReadOnly_Access_Group",
"id": "EFS_ReadOnly_Access_Group-2023050912453052350000000b",
"policy_arn": "arn:aws:iam::508259851457:policy/EFS_ReadOnly_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.read_only",
"aws_iam_policy.read_only"
]
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"group": "Lambda_ReadOnly_Access_Group",
"id": "Lambda_ReadOnly_Access_Group-20230509124529989800000006",
"policy_arn": "arn:aws:iam::508259851457:policy/Lambda_ReadOnly_Access"
"group": "Ec2_ReadOnly_Access_Group",
"id": "Ec2_ReadOnly_Access_Group-20230808011213547500000002",
"policy_arn": "arn:aws:iam::508259851457:policy/Ec2_ReadOnly_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
@@ -454,12 +351,12 @@
]
},
{
"index_key": "Route53",
"index_key": "S3",
"schema_version": 0,
"attributes": {
"group": "Route53_ReadOnly_Access_Group",
"id": "Route53_ReadOnly_Access_Group-20230509124529978100000002",
"policy_arn": "arn:aws:iam::508259851457:policy/Route53_ReadOnly_Access"
"group": "S3_ReadOnly_Access_Group",
"id": "S3_ReadOnly_Access_Group-20230808011213547400000001",
"policy_arn": "arn:aws:iam::508259851457:policy/S3_ReadOnly_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
@@ -469,12 +366,12 @@
]
},
{
"index_key": "S3",
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"group": "S3_ReadOnly_Access_Group",
"id": "S3_ReadOnly_Access_Group-20230509124530027000000007",
"policy_arn": "arn:aws:iam::508259851457:policy/S3_ReadOnly_Access"
"group": "Sqs_ReadOnly_Access_Group",
"id": "Sqs_ReadOnly_Access_Group-20230808014232736500000002",
"policy_arn": "arn:aws:iam::508259851457:policy/Sqs_ReadOnly_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
@@ -528,53 +425,17 @@
"private": "bnVsbA=="
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/EC2_Full_Access",
"arn": "arn:aws:iam::508259851457:policy/Ec2_Full_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/EC2_Full_Access",
"name": "EC2_Full_Access",
"id": "arn:aws:iam::508259851457:policy/Ec2_Full_Access",
"name": "Ec2_Full_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"ec2:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAU3A63OC6I",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/EFS_Full_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/EFS_Full_Access",
"name": "EFS_Full_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"elasticfilesystem:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAW6RESROQ5",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Lambda_Full_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Lambda_Full_Access",
"name": "Lambda_Full_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"lambda:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAUFHETI3HL",
"policy_id": "ANPAXMVVF3TAVWW5CCHNN",
"tags": {},
"tags_all": {}
},
@@ -599,24 +460,6 @@
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Route53",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Route53_Full_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Route53_Full_Access",
"name": "Route53_Full_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"route53:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAQTWENY6ZH",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "S3",
"schema_version": 0,
@@ -628,7 +471,25 @@
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"s3:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TA5AKVY6OPF",
"policy_id": "ANPAXMVVF3TAQW7UNRK7I",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Sqs_Full_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Sqs_Full_Access",
"name": "Sqs_Full_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"sqs:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAUS3JANM5M",
"tags": {},
"tags_all": {}
},
@@ -680,53 +541,17 @@
"private": "bnVsbA=="
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/EC2_ReadOnly_Access",
"arn": "arn:aws:iam::508259851457:policy/Ec2_ReadOnly_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/EC2_ReadOnly_Access",
"name": "EC2_ReadOnly_Access",
"id": "arn:aws:iam::508259851457:policy/Ec2_ReadOnly_Access",
"name": "Ec2_ReadOnly_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"ec2:List*\",\"ec2:Get*\",\"ec2:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAUN6BACP2Y",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/EFS_ReadOnly_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/EFS_ReadOnly_Access",
"name": "EFS_ReadOnly_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"elasticfilesystem:List*\",\"elasticfilesystem:Get*\",\"elasticfilesystem:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAVXRQVNLS5",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Lambda_ReadOnly_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Lambda_ReadOnly_Access",
"name": "Lambda_ReadOnly_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"lambda:List*\",\"lambda:Get*\",\"lambda:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TATA6PKAWKB",
"policy_id": "ANPAXMVVF3TA53OJDD2CI",
"tags": {},
"tags_all": {}
},
@@ -751,24 +576,6 @@
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Route53",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Route53_ReadOnly_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Route53_ReadOnly_Access",
"name": "Route53_ReadOnly_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"route53:List*\",\"route53:Get*\",\"route53:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TARCWD3MFPD",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "S3",
"schema_version": 0,
@@ -780,7 +587,25 @@
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"s3:List*\",\"s3:Get*\",\"s3:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAYU3FSMCE7",
"policy_id": "ANPAXMVVF3TAUHGGAQYRH",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Sqs_ReadOnly_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Sqs_ReadOnly_Access",
"name": "Sqs_ReadOnly_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"sqs:List*\",\"sqs:Get*\",\"sqs:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TA2ODI5SLWY",
"tags": {},
"tags_all": {}
},
@@ -792,21 +617,106 @@
{
"mode": "managed",
"type": "aws_iam_user",
"name": "cloudwatch",
"name": "app",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:user/grafana-cloudwatch",
"arn": "arn:aws:iam::508259851457:user/system/grafana-cloudwatch",
"force_destroy": false,
"id": "grafana-cloudwatch",
"name": "grafana-cloudwatch",
"path": "/",
"path": "/system/",
"permissions_boundary": null,
"tags": {},
"tags_all": {},
"unique_id": "AIDAXMVVF3TA6JCPVKDMO"
"unique_id": "AIDAXMVVF3TA2SX6BGKZ4"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:user/system/argo-workflow",
"force_destroy": false,
"id": "argo-workflow",
"name": "argo-workflow",
"path": "/system/",
"permissions_boundary": null,
"tags": {},
"tags_all": {},
"unique_id": "AIDAXMVVF3TAY3JZ3EPXL"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"mode": "managed",
"type": "aws_iam_user",
"name": "dev2",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:user/system/user1",
"force_destroy": false,
"id": "user1",
"name": "user1",
"path": "/system/",
"permissions_boundary": null,
"tags": {},
"tags_all": {},
"unique_id": "AIDAXMVVF3TA55RL4GOYD"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:user/system/user2",
"force_destroy": false,
"id": "user2",
"name": "user2",
"path": "/system/",
"permissions_boundary": null,
"tags": {},
"tags_all": {},
"unique_id": "AIDAXMVVF3TAXFXW2JU3R"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"mode": "managed",
"type": "aws_iam_user",
"name": "tmp",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:user/system/bypark",
"force_destroy": false,
"id": "bypark",
"name": "bypark",
"path": "/system/",
"permissions_boundary": null,
"tags": {},
"tags_all": {},
"unique_id": "AIDAXMVVF3TAQDL7S4ZC7"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -816,10 +726,11 @@
{
"mode": "managed",
"type": "aws_iam_user_group_membership",
"name": "cloudwatch",
"name": "app_group_membership",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"groups": [
@@ -827,13 +738,82 @@
"CloudWatch_ReadOnly_Access_Group",
"Logs_ReadOnly_Access_Group"
],
"id": "terraform-20230517055242040800000001",
"id": "terraform-20230808014606188700000002",
"user": "grafana-cloudwatch"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_user.cloudwatch"
"aws_iam_user.app"
]
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"groups": [
"Ec2_ReadOnly_Access_Group",
"S3_Full_Access_Group"
],
"id": "terraform-20230808014605996800000001",
"user": "argo-workflow"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_user.app"
]
}
]
},
{
"mode": "managed",
"type": "aws_iam_user_group_membership",
"name": "tmp_group_membership",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"groups": [
"S3_Full_Access_Group",
"Sqs_Full_Access_Group"
],
"id": "terraform-20230808015151063800000001",
"user": "bypark"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_user.tmp"
]
}
]
},
{
"mode": "managed",
"type": "aws_iam_user_login_profile",
"name": "bypark_login",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"encrypted_password": null,
"id": "user1",
"key_fingerprint": null,
"password": "DYSHckbG'7d!4Ko{y}wf",
"password_length": 20,
"password_reset_required": false,
"pgp_key": null,
"user": "user1"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_user.dev2"
]
}
]

591
terraform/aws_iam/terraform.tfstate.backup
View File

@@ -1,9 +1,18 @@
{
"version": 4,
"terraform_version": "1.3.7",
"serial": 699,
"terraform_version": "1.4.6",
"serial": 783,
"lineage": "757d2b20-88b9-4a16-2150-6bd77f71aa53",
"outputs": {},
"outputs": {
"bypark_password": {
"value": [],
"type": [
"tuple",
[]
],
"sensitive": true
}
},
"resources": [
{
"mode": "managed",
@@ -19,7 +28,7 @@
"id": "CloudTrail_Full_Access_Group",
"name": "CloudTrail_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TARHMCHENK6"
"unique_id": "AGPAXMVVF3TA623FQKNMU"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -32,46 +41,20 @@
"id": "CloudWatch_Full_Access_Group",
"name": "CloudWatch_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TATSL6XWSWS"
"unique_id": "AGPAXMVVF3TARP2XD6BSE"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/EC2_Full_Access_Group",
"id": "EC2_Full_Access_Group",
"name": "EC2_Full_Access_Group",
"arn": "arn:aws:iam::508259851457:group/Ec2_Full_Access_Group",
"id": "Ec2_Full_Access_Group",
"name": "Ec2_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAWVRAXFSZN"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/EFS_Full_Access_Group",
"id": "EFS_Full_Access_Group",
"name": "EFS_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TA3NHH2LSWE"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Lambda_Full_Access_Group",
"id": "Lambda_Full_Access_Group",
"name": "Lambda_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TA4447WTA7O"
"unique_id": "AGPAXMVVF3TAVMNBJPA5W"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -84,20 +67,7 @@
"id": "Logs_Full_Access_Group",
"name": "Logs_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAW6MCBAETP"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Route53",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Route53_Full_Access_Group",
"id": "Route53_Full_Access_Group",
"name": "Route53_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAU6Q75T4KR"
"unique_id": "AGPAXMVVF3TAY7W4U7VBX"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -110,7 +80,20 @@
"id": "S3_Full_Access_Group",
"name": "S3_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAVOEQDWJTF"
"unique_id": "AGPAXMVVF3TA4JNQAGBSN"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Sqs_Full_Access_Group",
"id": "Sqs_Full_Access_Group",
"name": "Sqs_Full_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAUT2BUOIPE"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -150,40 +133,14 @@
"private": "bnVsbA=="
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/EC2_ReadOnly_Access_Group",
"id": "EC2_ReadOnly_Access_Group",
"name": "EC2_ReadOnly_Access_Group",
"arn": "arn:aws:iam::508259851457:group/Ec2_ReadOnly_Access_Group",
"id": "Ec2_ReadOnly_Access_Group",
"name": "Ec2_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TA6SQQKP3FI"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/EFS_ReadOnly_Access_Group",
"id": "EFS_ReadOnly_Access_Group",
"name": "EFS_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAUX2TUR77F"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Lambda_ReadOnly_Access_Group",
"id": "Lambda_ReadOnly_Access_Group",
"name": "Lambda_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TA37JEABZXM"
"unique_id": "AGPAXMVVF3TAUF5H5H4YY"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -201,19 +158,6 @@
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Route53",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Route53_ReadOnly_Access_Group",
"id": "Route53_ReadOnly_Access_Group",
"name": "Route53_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TAZ7YWIQMAB"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "S3",
"schema_version": 0,
@@ -222,7 +166,20 @@
"id": "S3_ReadOnly_Access_Group",
"name": "S3_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TA2U5VN542E"
"unique_id": "AGPAXMVVF3TA46ZZ6TCUN"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:group/Sqs_ReadOnly_Access_Group",
"id": "Sqs_ReadOnly_Access_Group",
"name": "Sqs_ReadOnly_Access_Group",
"path": "/",
"unique_id": "AGPAXMVVF3TATXM6AF2K3"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -240,7 +197,7 @@
"schema_version": 0,
"attributes": {
"group": "CloudTrail_Full_Access_Group",
"id": "CloudTrail_Full_Access_Group-20230509124530613200000012",
"id": "CloudTrail_Full_Access_Group-20230808011214157000000007",
"policy_arn": "arn:aws:iam::508259851457:policy/CloudTrail_Full_Access"
},
"sensitive_attributes": [],
@@ -255,7 +212,7 @@
"schema_version": 0,
"attributes": {
"group": "CloudWatch_Full_Access_Group",
"id": "CloudWatch_Full_Access_Group-20230509124531008500000016",
"id": "CloudWatch_Full_Access_Group-20230808011214157900000008",
"policy_arn": "arn:aws:iam::508259851457:policy/CloudWatch_Full_Access"
},
"sensitive_attributes": [],
@@ -266,42 +223,12 @@
]
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"group": "EC2_Full_Access_Group",
"id": "EC2_Full_Access_Group-2023050912453057880000000e",
"policy_arn": "arn:aws:iam::508259851457:policy/EC2_Full_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.full_access",
"aws_iam_policy.full_access"
]
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"group": "EFS_Full_Access_Group",
"id": "EFS_Full_Access_Group-20230509124530993200000015",
"policy_arn": "arn:aws:iam::508259851457:policy/EFS_Full_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.full_access",
"aws_iam_policy.full_access"
]
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"group": "Lambda_Full_Access_Group",
"id": "Lambda_Full_Access_Group-20230509124531068800000017",
"policy_arn": "arn:aws:iam::508259851457:policy/Lambda_Full_Access"
"group": "Ec2_Full_Access_Group",
"id": "Ec2_Full_Access_Group-20230808011214139600000005",
"policy_arn": "arn:aws:iam::508259851457:policy/Ec2_Full_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
@@ -315,7 +242,7 @@
"schema_version": 0,
"attributes": {
"group": "Logs_Full_Access_Group",
"id": "Logs_Full_Access_Group-20230517065650690000000002",
"id": "Logs_Full_Access_Group-20230808011214142500000006",
"policy_arn": "arn:aws:iam::508259851457:policy/Logs_Full_Access"
},
"sensitive_attributes": [],
@@ -325,27 +252,12 @@
"aws_iam_policy.full_access"
]
},
{
"index_key": "Route53",
"schema_version": 0,
"attributes": {
"group": "Route53_Full_Access_Group",
"id": "Route53_Full_Access_Group-20230509124530592000000010",
"policy_arn": "arn:aws:iam::508259851457:policy/Route53_Full_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.full_access",
"aws_iam_policy.full_access"
]
},
{
"index_key": "S3",
"schema_version": 0,
"attributes": {
"group": "S3_Full_Access_Group",
"id": "S3_Full_Access_Group-20230509124530601100000011",
"id": "S3_Full_Access_Group-20230808011214137700000004",
"policy_arn": "arn:aws:iam::508259851457:policy/S3_Full_Access"
},
"sensitive_attributes": [],
@@ -354,6 +266,21 @@
"aws_iam_group.full_access",
"aws_iam_policy.full_access"
]
},
{
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"group": "Sqs_Full_Access_Group",
"id": "Sqs_Full_Access_Group-20230808014232527900000001",
"policy_arn": "arn:aws:iam::508259851457:policy/Sqs_Full_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.full_access",
"aws_iam_policy.full_access"
]
}
]
},
@@ -394,42 +321,12 @@
]
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"group": "EC2_ReadOnly_Access_Group",
"id": "EC2_ReadOnly_Access_Group-20230509124529978000000001",
"policy_arn": "arn:aws:iam::508259851457:policy/EC2_ReadOnly_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.read_only",
"aws_iam_policy.read_only"
]
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"group": "EFS_ReadOnly_Access_Group",
"id": "EFS_ReadOnly_Access_Group-2023050912453052350000000b",
"policy_arn": "arn:aws:iam::508259851457:policy/EFS_ReadOnly_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_group.read_only",
"aws_iam_policy.read_only"
]
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"group": "Lambda_ReadOnly_Access_Group",
"id": "Lambda_ReadOnly_Access_Group-20230509124529989800000006",
"policy_arn": "arn:aws:iam::508259851457:policy/Lambda_ReadOnly_Access"
"group": "Ec2_ReadOnly_Access_Group",
"id": "Ec2_ReadOnly_Access_Group-20230808011213547500000002",
"policy_arn": "arn:aws:iam::508259851457:policy/Ec2_ReadOnly_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
@@ -454,12 +351,12 @@
]
},
{
"index_key": "Route53",
"index_key": "S3",
"schema_version": 0,
"attributes": {
"group": "Route53_ReadOnly_Access_Group",
"id": "Route53_ReadOnly_Access_Group-20230509124529978100000002",
"policy_arn": "arn:aws:iam::508259851457:policy/Route53_ReadOnly_Access"
"group": "S3_ReadOnly_Access_Group",
"id": "S3_ReadOnly_Access_Group-20230808011213547400000001",
"policy_arn": "arn:aws:iam::508259851457:policy/S3_ReadOnly_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
@@ -469,12 +366,12 @@
]
},
{
"index_key": "S3",
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"group": "S3_ReadOnly_Access_Group",
"id": "S3_ReadOnly_Access_Group-20230509124530027000000007",
"policy_arn": "arn:aws:iam::508259851457:policy/S3_ReadOnly_Access"
"group": "Sqs_ReadOnly_Access_Group",
"id": "Sqs_ReadOnly_Access_Group-20230808014232736500000002",
"policy_arn": "arn:aws:iam::508259851457:policy/Sqs_ReadOnly_Access"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
@@ -528,53 +425,17 @@
"private": "bnVsbA=="
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/EC2_Full_Access",
"arn": "arn:aws:iam::508259851457:policy/Ec2_Full_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/EC2_Full_Access",
"name": "EC2_Full_Access",
"id": "arn:aws:iam::508259851457:policy/Ec2_Full_Access",
"name": "Ec2_Full_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"ec2:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAU3A63OC6I",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/EFS_Full_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/EFS_Full_Access",
"name": "EFS_Full_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"elasticfilesystem:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAW6RESROQ5",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Lambda_Full_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Lambda_Full_Access",
"name": "Lambda_Full_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"lambda:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAUFHETI3HL",
"policy_id": "ANPAXMVVF3TAVWW5CCHNN",
"tags": {},
"tags_all": {}
},
@@ -593,24 +454,6 @@
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"logs:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TA4HWZQ45FJ",
"tags": null,
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Route53",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Route53_Full_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Route53_Full_Access",
"name": "Route53_Full_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"route53:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAQTWENY6ZH",
"tags": {},
"tags_all": {}
},
@@ -628,7 +471,25 @@
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"s3:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TA5AKVY6OPF",
"policy_id": "ANPAXMVVF3TAQW7UNRK7I",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Sqs_Full_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Sqs_Full_Access",
"name": "Sqs_Full_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"sqs:*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAUS3JANM5M",
"tags": {},
"tags_all": {}
},
@@ -680,53 +541,17 @@
"private": "bnVsbA=="
},
{
"index_key": "EC2",
"index_key": "Ec2",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/EC2_ReadOnly_Access",
"arn": "arn:aws:iam::508259851457:policy/Ec2_ReadOnly_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/EC2_ReadOnly_Access",
"name": "EC2_ReadOnly_Access",
"id": "arn:aws:iam::508259851457:policy/Ec2_ReadOnly_Access",
"name": "Ec2_ReadOnly_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"ec2:List*\",\"ec2:Get*\",\"ec2:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAUN6BACP2Y",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "EFS",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/EFS_ReadOnly_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/EFS_ReadOnly_Access",
"name": "EFS_ReadOnly_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"elasticfilesystem:List*\",\"elasticfilesystem:Get*\",\"elasticfilesystem:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAVXRQVNLS5",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Lambda",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Lambda_ReadOnly_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Lambda_ReadOnly_Access",
"name": "Lambda_ReadOnly_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"lambda:List*\",\"lambda:Get*\",\"lambda:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TATA6PKAWKB",
"policy_id": "ANPAXMVVF3TA53OJDD2CI",
"tags": {},
"tags_all": {}
},
@@ -745,24 +570,6 @@
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"logs:List*\",\"logs:Get*\",\"logs:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAUQHN5K463",
"tags": null,
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Route53",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Route53_ReadOnly_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Route53_ReadOnly_Access",
"name": "Route53_ReadOnly_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"route53:List*\",\"route53:Get*\",\"route53:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TARCWD3MFPD",
"tags": {},
"tags_all": {}
},
@@ -780,7 +587,25 @@
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"s3:List*\",\"s3:Get*\",\"s3:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TAYU3FSMCE7",
"policy_id": "ANPAXMVVF3TAUHGGAQYRH",
"tags": {},
"tags_all": {}
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": "Sqs",
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:policy/Sqs_ReadOnly_Access",
"description": "",
"id": "arn:aws:iam::508259851457:policy/Sqs_ReadOnly_Access",
"name": "Sqs_ReadOnly_Access",
"name_prefix": "",
"path": "/",
"policy": "{\"Statement\":[{\"Action\":[\"sqs:List*\",\"sqs:Get*\",\"sqs:Describe*\"],\"Effect\":\"Allow\",\"Resource\":\"*\"}],\"Version\":\"2012-10-17\"}",
"policy_id": "ANPAXMVVF3TA2ODI5SLWY",
"tags": {},
"tags_all": {}
},
@@ -792,21 +617,106 @@
{
"mode": "managed",
"type": "aws_iam_user",
"name": "cloudwatch",
"name": "app",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:user/grafana-cloudwatch",
"arn": "arn:aws:iam::508259851457:user/system/grafana-cloudwatch",
"force_destroy": false,
"id": "grafana-cloudwatch",
"name": "grafana-cloudwatch",
"path": "/",
"path": "/system/",
"permissions_boundary": null,
"tags": {},
"tags_all": {},
"unique_id": "AIDAXMVVF3TA6JCPVKDMO"
"unique_id": "AIDAXMVVF3TA2SX6BGKZ4"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:user/system/argo-workflow",
"force_destroy": false,
"id": "argo-workflow",
"name": "argo-workflow",
"path": "/system/",
"permissions_boundary": null,
"tags": {},
"tags_all": {},
"unique_id": "AIDAXMVVF3TAY3JZ3EPXL"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"mode": "managed",
"type": "aws_iam_user",
"name": "dev2",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:user/system/user1",
"force_destroy": false,
"id": "user1",
"name": "user1",
"path": "/system/",
"permissions_boundary": null,
"tags": {},
"tags_all": {},
"unique_id": "AIDAXMVVF3TA55RL4GOYD"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:user/system/user2",
"force_destroy": false,
"id": "user2",
"name": "user2",
"path": "/system/",
"permissions_boundary": null,
"tags": {},
"tags_all": {},
"unique_id": "AIDAXMVVF3TAXFXW2JU3R"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
}
]
},
{
"mode": "managed",
"type": "aws_iam_user",
"name": "tmp",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"arn": "arn:aws:iam::508259851457:user/system/bypark",
"force_destroy": false,
"id": "bypark",
"name": "bypark",
"path": "/system/",
"permissions_boundary": null,
"tags": {},
"tags_all": {},
"unique_id": "AIDAXMVVF3TAQDL7S4ZC7"
},
"sensitive_attributes": [],
"private": "bnVsbA=="
@@ -816,10 +726,11 @@
{
"mode": "managed",
"type": "aws_iam_user_group_membership",
"name": "cloudwatch",
"name": "app_group_membership",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"groups": [
@@ -827,13 +738,57 @@
"CloudWatch_ReadOnly_Access_Group",
"Logs_ReadOnly_Access_Group"
],
"id": "terraform-20230517055242040800000001",
"id": "terraform-20230808014606188700000002",
"user": "grafana-cloudwatch"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_user.cloudwatch"
"aws_iam_user.app"
]
},
{
"index_key": 1,
"schema_version": 0,
"attributes": {
"groups": [
"Ec2_ReadOnly_Access_Group",
"S3_Full_Access_Group"
],
"id": "terraform-20230808014605996800000001",
"user": "argo-workflow"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_user.app"
]
}
]
},
{
"mode": "managed",
"type": "aws_iam_user_login_profile",
"name": "bypark_login",
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",
"instances": [
{
"index_key": 0,
"schema_version": 0,
"attributes": {
"encrypted_password": null,
"id": "user1",
"key_fingerprint": null,
"password": "DYSHckbG'7d!4Ko{y}wf",
"password_length": 20,
"password_reset_required": null,
"pgp_key": null,
"user": "user1"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"aws_iam_user.dev2"
]
}
]

47
terraform/aws_iam/user.tf
View File

@@ -1,13 +1,40 @@
resource "aws_iam_user" "cloudwatch" {
name = "grafana-cloudwatch"
resource "aws_iam_user" "dev2" {
count = length(var.users)
name = var.users[count.index]
path = "/system/"
}
resource "aws_iam_user_group_membership" "cloudwatch" {
user = aws_iam_user.cloudwatch.name
groups = [
"CloudWatch_ReadOnly_Access_Group",
"Logs_ReadOnly_Access_Group",
"CloudTrail_ReadOnly_Access_Group"
]
resource "aws_iam_user" "app" {
count = length(var.apps_users)
name = var.apps_users[count.index].name
path = "/system/"
}
resource "aws_iam_user" "tmp" {
count = length(var.tmp_users)
name = var.tmp_users[count.index].name
path = "/system/"
}
resource "aws_iam_user_group_membership" "app_group_membership" {
count = length(var.apps_users)
user = aws_iam_user.app[count.index].name
groups = var.apps_users[count.index].groups
}
resource "aws_iam_user_group_membership" "tmp_group_membership" {
count = length(var.tmp_users)
user = aws_iam_user.tmp[count.index].name
groups = var.tmp_users[count.index].groups
}
resource "aws_iam_user_login_profile" "bypark_login" {
count = length([for user in var.tmp_users : user if user.is_console_user])
user = aws_iam_user.dev2[count.index].name
password_length = 20
}
output "bypark_password" {
value = [for profile in aws_iam_user_login_profile.bypark_login : profile.encrypted_password if profile.user == "bypark"]
sensitive = true
}

42
terraform/aws_iam/variables.tf
View File

@@ -33,3 +33,45 @@ variable "Public_Subnet_ID_3" {
default = "subnet-0073a61bc56a68a3e"
}
variable "users" {
description = "Dev2 users"
type = list(string)
default = ["user1","user2"]
}
variable "apps_users" {
description = "Apps users and their groups"
type = list(object({
name = string
groups = list(string)
}))
default = [
{
name = "grafana-cloudwatch"
groups = ["CloudWatch_ReadOnly_Access_Group", "Logs_ReadOnly_Access_Group", "CloudTrail_ReadOnly_Access_Group"]
},
{
name = "argo-workflow"
groups = ["Ec2_ReadOnly_Access_Group", "S3_Full_Access_Group"]
}
]
}
variable "tmp_users" {
description = "temp users and their groups"
type = list(object({
name = string
is_console_user = bool
groups = list(string)
}))
default = [
{
name = "bypark",
is_console_user = true,
groups = ["S3_Full_Access_Group", "Sqs_Full_Access_Group"]
}
]
}