variable "aws_region" {
  default     = "ap-northeast-2"
}

variable "iam_users" {
  type = map(object({
    policies = list(string)
  }))
  default = {
    dongwoo = {
      policies = [
        "arn:aws:iam::aws:policy/AdministratorAccess",
        "arn:aws:iam::aws:policy/IAMUserChangePassword"
      ]
    },
    dsk-devops = {
      policies = [
        "arn:aws:iam::508259851457:policy/DSK_LambdaExecute",
        "arn:aws:iam::aws:policy/AmazonS3FullAccess",
        "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess",
        "arn:aws:iam::aws:policy/SecurityAudit",
        "arn:aws:iam::aws:policy/AWSWAFReadOnlyAccess",
        "arn:aws:iam::aws:policy/AmazonElasticFileSystemReadOnlyAccess"
      ]
    },
    dsk-agent-s3-uploader = {
      policies = [
        "arn:aws:iam::508259851457:policy/DSK_Agent_S3FullAccess"
      ]
    },
    dsk-api-s3-uploader = {
      policies = [
        "arn:aws:iam::508259851457:policy/DSK_API_S3FullAccess"
      ]
    },
    dsk-ses-admin = {
      policies = [
        "arn:aws:iam::aws:policy/AmazonSESFullAccess"
      ]
    }
  }
}

# variable "iam_users" {
#   type = map(object({
#     policies = list(string)
#   }))
#   default = {
#     dsk-devops = {
#       policies = [
#         "arn:aws:iam::aws:policy/AmazonS3FullAccess",
#         "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"
#       ]
#     },
#     dsk-developer = {
#       policies = ["arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"]
#     },
#     dsk-readonly = {
#       policies = [
#         "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"
#       ]
#     },
#     dsk-s3-uploader = {
#       policies = [
#         "arn:aws:iam::aws:policy/AmazonS3FullAccess"
#       ]
#     }
#   }
# }