1 data "aws_iam_policy_document" "instance_trust" {
16 resource "aws_iam_role" "default" {
17 name = "${var.module}${length(var.stack) > 0 ? "-" : ""}${var.stack}-role"
18 assume_role_policy = "${data.aws_iam_policy_document.instance_trust.json}"
21 data "aws_iam_policy_document" "default" {
24 actions = ["${var.iam_allow_actions}"]
29 resource "aws_iam_policy" "default" {
30 name = "${var.module}${length(var.stack) > 0 ? "-" : ""}${var.stack}"
31 description = "specific policy for ${var.module}${length(var.stack) > 0 ? "-" : ""}${var.stack}"
32 policy = "${data.aws_iam_policy_document.default.json}"
35 resource "aws_iam_role_policy_attachment" "default" {
36 role = "${aws_iam_role.default.id}"
37 policy_arn = "${aws_iam_policy.default.arn}"
40 resource "aws_iam_role_policy_attachment" "extra" {
41 count = "${length(var.iam_policy_arns)}"
42 role = "${aws_iam_role.default.id}"
43 policy_arn = "${element(var.iam_policy_arns, count.index)}"
46 resource "aws_iam_instance_profile" "default" {
47 name = "${var.module}${length(var.stack) > 0 ? "-" : ""}${var.stack}-instance-profile"
48 role = "${aws_iam_role.default.name}"