Terraform - IAM user, role, policies 최신화

terraform/iam/users/main.tf

@@ -1,9 +1,3 @@
 provider "aws" {
   region = var.aws_region
-}
-
-module "users" {
-  source    = "./modules"
-  aws_region = var.aws_region
-  iam_users  = var.iam_users
-}
+}

terraform/iam/users/outputs.tf

@@ -1,3 +0,0 @@
-# output "users_result" {
-#   value = module.users.users_result
-# }

terraform/iam/users/users.tf

@@ -1,10 +1,3 @@
-variable "aws_region" {}
-variable "iam_users" {}
-
-# provider "aws" {
-#   region = var.aws_region
-# }
-
 locals {
   user_policies = flatten([for name, policies in var.iam_users : [for policy in policies.policies : { user = name, policy = policy }]])
   users = toset([for user in local.user_policies : user.user])
@@ -21,8 +14,4 @@ resource "aws_iam_user_policy_attachment" "policy_attachment" {
 
   user       = aws_iam_user.iam_user[local.user_policies[count.index].user].name
   policy_arn = local.user_policies[count.index].policy
-}
-
-# output "users_result" {
-#   value = local.user_policies
-# }
+}

terraform/iam/users/variables.tf

@@ -7,6 +7,12 @@ variable "iam_users" {
     policies = list(string)
   }))
   default = {
+    dongwoo = {
+      policies = [
+        "arn:aws:iam::aws:policy/AdministratorAccess",
+        "arn:aws:iam::aws:policy/IAMUserChangePassword"
+      ]
+    },
     dsk-devops = {
       policies = [
         "arn:aws:iam::508259851457:policy/DSK_LambdaExecute",
@@ -16,6 +22,21 @@ variable "iam_users" {
         "arn:aws:iam::aws:policy/AWSWAFReadOnlyAccess",
         "arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess"
       ]
+    },
+    dsk-agent-s3-uploader = {
+      policies = [
+        "arn:aws:iam::508259851457:policy/DSK_Agent_S3FullAccess"
+      ]
+    },
+    dsk-api-s3-uploader = {
+      policies = [
+        "arn:aws:iam::508259851457:policy/DSK_API_S3FullAccess"
+      ]
+    },
+    dsk-ses-admin = {
+      policies = [
+        "arn:aws:iam::aws:policy/AmazonSESFullAccess"
+      ]
     }
   }
 }