dap-ps/infra-dapps
1
0
Fork 0
mirror of https://github.com/dap-ps/infra-dapps.git synced 2025-02-24 09:58:19 +00:00
Code Issues Projects Releases Wiki Activity
infra-dapps/modules/aws-eb-env/access.tf
Jakub Sokołowski d7c413255b
enable access outputs 
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2019-07-31 10:07:41 -04:00

28 lines
733 B
HCL
Raw Blame History

resource "aws_iam_group" "deploy" {
name = "${var.name}-deploy"
}
resource "aws_iam_user" "deploy" {
name = "${var.name}-deploy"
tags = {
Description = "User for deploying the ${var.stage}.${var.dns_domain} Elastic Beanstalk app"
}
}
resource "aws_iam_access_key" "deploy" {
user = aws_iam_user.deploy.name
pgp_key = file("files/support@dap.ps.gpg")
}
resource "aws_iam_user_group_membership" "deploy" {
user = aws_iam_user.deploy.name
groups = [aws_iam_group.deploy.name]
}
/* TODO narrow down these permissions to only deployment */
resource "aws_iam_group_policy_attachment" "deploy" {
group = aws_iam_group.deploy.name
policy_arn = "arn:aws:iam::aws:policy/AWSElasticBeanstalkFullAccess"
}
Reference in New Issue View Git Blame Copy Permalink