Skip to content

Commit

Permalink
Terraform 6 (#123)
Browse files Browse the repository at this point in the history 
* changes

* addding wfprev_db_subnet

* update listener

* adding iam policies to role
  • Loading branch information
@yzlucas
yzlucas authored Oct 1, 2024
1 parent 32e7d72 commit b499c80
Showing 1 changed file with 27 additions and 0 deletions.
27 changes: 27 additions & 0 deletions terraform/iam.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,3 +37,30 @@ resource "aws_iam_role" "wfprev_ecs_task_execution_role" {
name = var.ecs_task_execution_role_name
assume_role_policy = data.aws_iam_policy_document.ecs_task_execution_role.json
}

resource "aws_iam_role_policy_attachment" "wfprev_ecs_task_execution_changelogs" {
role = aws_iam_role.wfprev_ecs_task_execution_role.name
policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
}

resource "aws_iam_role_policy" "wfprev_ecs_task_execution_cwlogs" {
name = "ecs_task_execution_cwlogs"
role = aws_iam_role.wfprev_ecs_task_execution_role.id

policy = <<-EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup"
],
"Resource": [
"arn:aws:logs:*:*:*"
]
}
]
}
EOF
}

0 comments on commit b499c80

Please sign in to comment.