From d0589a0de6f3380ae8f7b78740eb199b80e226e1 Mon Sep 17 00:00:00 2001
From: dsk-minchulahn <minchulahn@ex-em.com>
Date: Wed, 31 Jan 2024 14:03:17 +0900
Subject: [PATCH] =?UTF-8?q?Terraform=20-=20KMS=20Policy=20=EC=B6=94?=
 =?UTF-8?q?=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 terraform/iam/policies/modules/kms.tf | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 terraform/iam/policies/modules/kms.tf

diff --git a/terraform/iam/policies/modules/kms.tf b/terraform/iam/policies/modules/kms.tf
new file mode 100644
index 0000000..f63c3b7
--- /dev/null
+++ b/terraform/iam/policies/modules/kms.tf
@@ -0,0 +1,20 @@
+resource "aws_iam_policy" "kms_policy" {
+  name        = "DSK_KeyManagementService"
+  path        = "/"
+
+  policy = jsonencode({
+    "Version": "2012-10-17",
+    "Statement": [
+      {
+        "Effect": "Allow",
+        "Action": [
+          "kms:Decrypt",
+          "kms:GenerateDataKey"
+        ],
+        "Resource": [
+          "arn:aws:kms:ap-northeast-2:508259851457:key/a48b1e88-a9bb-4d86-a481-ef54e2f40452"
+        ]
+      }
+    ]
+  })
+}
\ No newline at end of file