Difference between revisions of "Terraform resource: aws iam role"

From wikieduonline
Jump to navigation Jump to search
Line 11: Line 11:
 
     Statement = [
 
     Statement = [
 
       {
 
       {
         Action = "sts:AssumeRole"
+
         Action = "[[sts:AssumeRole]]"
 
         Effect = "Allow"
 
         Effect = "Allow"
 
         Sid    = ""
 
         Sid    = ""

Revision as of 16:12, 29 May 2023

aws_iam_role creates an IAM role (tf.io).

Official example

resource "aws_iam_role" "test_role" {
 name = "test_role"

 # Terraform's "jsonencode" function converts a
 # Terraform expression result to valid JSON syntax.
 assume_role_policy = jsonencode({
   Version = "2012-10-17"
   Statement = [
     {
       Action = "sts:AssumeRole"
       Effect = "Allow"
       Sid    = ""
       Principal = {
         Service = "ec2.amazonaws.com"
       }
     },
   ]
 })

 tags = {
   tag-key = "tag-value"
 }
}


 resource "aws_iam_role" "ecs_task_role" {
 name               = "your-ecs-task-role"
 assume_role_policy = <<-EOF
 {
   "Version": "2012-10-17",
   "Statement": [
     {
       "Sid": "",
       "Effect": "Allow",
       "Principal": {
         "Service": "ecs-tasks.amazonaws.com"
       },
       "Action": [
         "sts:AssumeRole"
       ]
     }
   ]
 }
 EOF
}

Errors

Related terms

See also

Advertising: