s3-iam-policy
dod-iac/s3-iam-policy/aws
IAM policy that allows reading from an AWS S3 bucket.
Usage

Creates an IAM policy that allows reading from an AWS S3 bucket.

```hcl
module "s3_iam_policy" {
  source = "dod-iac/s3-iam-policy/aws"

  buckets = var.buckets
  name    = format("%s-s3-user-%s", var.application, var.environment)
}
```

Creates an IAM policy that allows reading from an encrypted AWS S3 bucket.

```hcl
module "s3_kms_key" {
  source = "dod-iac/s3-kms-key/aws"

  name        = format("alias/app-%s-s3-%s", var.application, var.environment)
  description = format("A KMS key used to encrypt objects at rest in S3 for %s:%s.", var.application, var.environment)
  principals  = [var.instance_role_arn]
  tags = {
    Application = var.application
    Environment = var.environment
    Automation  = "Terraform"
  }
}

module "s3_iam_policy" {
  source = "dod-iac/s3-iam-policy/aws"

  buckets = var.buckets
  keys = [module.s3_kms_key.aws
```

| Name | Type | Description | Default |
|---|---|---|---|
| buckets | list(string) | The ARNs of the AWS S3 buckets. Use ["*"] to allow all buckets. | required |
| name | string | The name of the AWS IAM policy. | required |
| require_mfa | string | If true, actions require multi-factor authentication. | false |
| description | string | The description of the AWS IAM policy. Defaults to "The policy for [NAME]." | "" |
| keys | list(string) | The ARNs of the AWS KMS keys. Use ["*"] to allow all keys. | [] |

- arn — The Amazon Resource Name (ARN) of the AWS IAM policy.
- id — The id of the AWS IAM policy.
- name — The name of the AWS IAM policy.
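
An added usage example (not from the module's README) that scopes the policy to named buckets and one KMS key instead of `["*"]`, turns on `require_mfa`, and attaches the result to an IAM group through the `arn` output. The bucket ARNs, the group name and `var.s3_kms_key_arn` are constructed placeholders, and the example assumes the policy is meant for human users who sign in with MFA.

```hcl
# Added example, not from the module's README. Bucket ARNs, the group name
# and var.s3_kms_key_arn are constructed placeholders.

variable "s3_kms_key_arn" {
  type        = string
  description = "ARN of the KMS key that encrypts the buckets (placeholder input)."
}

locals {
  # Explicit bucket ARNs keep the grant least-privilege; ["*"] would allow
  # reading from every bucket.
  report_buckets = [
    "arn:aws:s3:::example-app-reports-prod",
    "arn:aws:s3:::example-app-exports-prod",
  ]
}

module "s3_read_policy" {
  # In real use, also pin `version` to a reviewed release (omitted here
  # because no version number appears on this page).
  source = "dod-iac/s3-iam-policy/aws"

  name        = "example-app-s3-read-prod"
  description = "Read-only access to the example-app report buckets."
  buckets     = local.report_buckets

  # Name the one key that encrypts these buckets rather than ["*"].
  keys = [var.s3_kms_key_arn]

  # The consumers are human users, so MFA can be required.
  require_mfa = true
}

resource "aws_iam_group" "analysts" {
  name = "example-app-analysts"
}

# Attach the policy through the module's `arn` output.
resource "aws_iam_group_policy_attachment" "analysts_s3_read" {
  group      = aws_iam_group.analysts.name
  policy_arn = module.s3_read_policy.arn
}
```

For an EC2 instance role, leave `require_mfa` at its default: instance-profile credentials never carry MFA context, so an MFA requirement cannot be met by an instance role.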