Terraform module which creates an EC2 instance profile with its IAM role and policies on AWS.
Terraform 0.12 and newer.
```hcl
locals {
  instance_profile_custom_policy_1 = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "route53:GetChange",
        "route53:ListHostedZones",
        "route53:ChangeResourceRecordSets"
      ],
      "Resource": "*"
    }
  ]
}
EOF
}

module "ec2_instance_profile" {
  source = "/path/to/terraform-aws-ec2-instance-profile"
  name   = var.name

  custom_policy_jsons            = [local.instance_profile_custom_policy_1]
  enable_cloudwatch_agent_policy = true
  enable_ssm_policy              = true
}
```
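
A least-privilege variant of the usage above, added here as an example and not part of the module's own documentation: the custom policy allows `route53:ChangeResourceRecordSets` on a single hosted zone instead of `"Resource": "*"`. The `hosted_zone_id` variable, the `route53_scoped` name and the A/AAAA record-type restriction are assumptions made for illustration.

```hcl
variable "name" {
  type = string
}

# Hypothetical variable for this example; it is not an input of the module.
variable "hosted_zone_id" {
  type        = string
  description = "ID of the only Route 53 hosted zone the instance may modify"
}

data "aws_iam_policy_document" "route53_scoped" {
  # ListHostedZones has no resource-level permissions, so it still needs "*".
  statement {
    effect    = "Allow"
    actions   = ["route53:ListHostedZones"]
    resources = ["*"]
  }

  # GetChange only reads the status of a submitted change batch.
  statement {
    effect    = "Allow"
    actions   = ["route53:GetChange"]
    resources = ["arn:aws:route53:::change/*"]
  }

  # Record changes are limited to one zone (ARN assumes the standard "aws" partition).
  statement {
    effect    = "Allow"
    actions   = ["route53:ChangeResourceRecordSets"]
    resources = ["arn:aws:route53:::hostedzone/${var.hosted_zone_id}"]

    # Assumed requirement: the instance only manages address records.
    condition {
      test     = "ForAllValues:StringEquals"
      variable = "route53:ChangeResourceRecordSetsRecordTypes"
      values   = ["A", "AAAA"]
    }
  }
}

module "ec2_instance_profile" {
  source = "/path/to/terraform-aws-ec2-instance-profile"
  name   = var.name

  custom_policy_jsons            = [data.aws_iam_policy_document.route53_scoped.json]
  enable_cloudwatch_agent_policy = true
  enable_ssm_policy              = true
}
```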
Name | Version |
---|---|
terraform | >= 0.12.6 |
aws | >= 2.65 |
Name | Version |
---|---|
aws | >= 2.65 |
No modules.
Name | Type |
---|---|
aws_iam_instance_profile.ec2 | resource |
aws_iam_policy.cloudwatch_agent | resource |
aws_iam_policy.custom | resource |
aws_iam_policy.ssm | resource |
aws_iam_role.ec2 | resource |
aws_iam_role_policy_attachment.cloudwatch_agent | resource |
aws_iam_role_policy_attachment.custom | resource |
aws_iam_role_policy_attachment.ssm | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
custom_policy_jsons | List of JSON strings of custom policies to be attached to the Instance Profile | list(string) | [] | no |
enable_cloudwatch_agent_policy | Enable cloudwatch agent policy permissions to the IAM Role for the Instance Profile | bool | true | no |
enable_ssm_policy | Enable ssm policy permissions to the IAM Role for the Instance Profile | bool | true | no |
name | Name to be used on all the resources as identifier | string | n/a | yes |
Name | Description |
---|---|
instance_profile_id | ID of Instance Profile used to reference the created objects in aws_instance resources |
Module managed by Marcel Emmert.
Apache 2 Licensed. See LICENSE for full details.