# Looks up the already-existing S3 bucket named by var.boot_bucket. Being a
# data source, it only reads the bucket; in this file its ARN is used to scope
# the "boot" policy document.
data "aws_s3_bucket" "storage_bucket" {
  bucket = var.boot_bucket
}
# IAM policy document for the boot identity: one Allow statement whose
# resource is a single object ARN, <bucket ARN>/<var.boot_key>.
#
# NOTE(review): the action list is wildcarded. Against an object ARN, "s3:*"
# still matches every object-level action (read, overwrite, delete, ACL,
# tagging, version operations), and "s3-object-lambda:*" adds the Object
# Lambda actions on top. If the consumer only reads the boot object, an
# explicit list such as ["s3:GetObject"] would be least privilege. TODO:
# confirm which calls the boot process makes before narrowing.
#
# NOTE(review): IAM treats "*" and "?" inside a resource ARN as wildcards, so
# a var.boot_key containing either would widen the scope beyond one object.
# No validation of that variable is visible here; verify where it is declared.
data "aws_iam_policy_document" "boot" {
  statement {
    effect = "Allow"

    actions = [
      "s3:*",
      "s3-object-lambda:*",
    ]

    resources = [
      "${data.aws_s3_bucket.storage_bucket.arn}/${var.boot_key}",
    ]
  }
}
# Customer-managed IAM policy carrying the JSON rendered by the "boot" policy
# document. The name is var.boot_role with the suffix "Policy".
resource "aws_iam_policy" "boot" {
  name        = "${var.boot_role}Policy"
  description = "The policy that manages the Gitea Boot."

  policy = data.aws_iam_policy_document.boot.json
}
# IAM user for the boot process, created through the registry module
# terraform-aws-modules/iam (iam-user submodule), pinned to exactly 5.52.2.
# The user is named var.boot_role + "User" and gets only the "boot" policy.
#
# Console access is disabled (no login profile), so password_reset_required
# presumably has no effect here.
#
# NOTE(review): as far as I know this module's create_iam_access_key input
# defaults to true and is not overridden here, so a long-lived access key is
# likely created. With no pgp_key set, its secret would be stored in Terraform
# state. Confirm against the module docs for this version, and make sure the
# state backend is encrypted and access-restricted, or supply pgp_key. Where
# the consumer can assume a role, short-lived credentials avoid the static key.
module "boot_user" {
  source  = "terraform-aws-modules/iam/aws//modules/iam-user"
  version = "5.52.2"

  name        = "${var.boot_role}User"
  policy_arns = [aws_iam_policy.boot.arn]

  # No console password for this programmatic user.
  create_iam_user_login_profile = false
  password_reset_required       = false
}