堆栈内存溢出
  简体   繁体   English

terraform managed_policy_arns 问题与 aws_iam_role

[英]terraform managed_policy_arns issue with aws_iam_role

 原文  2022-09-28 14:57:25       amazon-web-services/ terraform/ amazon-iam/ terraform-provider-aws

问题描述

The below code removes the iam policy eks-fargate-logging-policy.以下代码删除了 iam 策略 eks-fargate-logging-policy。 What is the right way to define aws managed and customer managed policies together?一起定义 aws 管理和客户管理策略的正确方法是什么?

    resource "aws_iam_policy" "eks-fargate-logging-policy" {
  name        = "eks-fargate-logging-policy"
  description = "Policy for fargate logs to cloudwatch"

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = [
          "logs:CreateLogStream",
          "logs:CreateLogGroup",
          "logs:DescribeLogStreams",
          "logs:PutLogEvents"
        ]
        Effect   = "Allow"
        Resource = "*"
      },
    ]
  })
}

resource "aws_iam_role" "fargate_pod_execution_role" {
  name                  = "${var.eks_cluster_name}-eks-fargate-pod-execution-role"
  assume_role_policy    = data.aws_iam_policy_document.fargate_assume_role.json

#Here's the issue
  managed_policy_arns   = [aws_iam_policy.eks-fargate-logging-policy.arn,"arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy"]
  force_detach_policies = true
}

1 个解决方案

解决方案1
 0  2022-09-28 18:13:52

I don't see this issue anymore.我再也看不到这个问题了。 Looks like it works as expected.看起来它按预期工作。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 aws_iam_role 和aws_iam_role_policy 是什么意思? - What is the meaning of aws_iam_role and aws_iam_role_policy? aws / terraform Iam - 内联 - aws / terraform Iam - inline 在 Terraform 内设置 IAM 策略 - Setting IAM Policy within Terraform 如何确定使用 AWS Terraform 资源所需的 AWS IAM 策略权限? - How to determine the AWS IAM policy permissions needed to use AWS Terraform Resources? AWS CloudFormation:如何在 AWS::IAM::Policy 中引用另一个堆栈中定义的角色 - AWS CloudFormation: How to refer a role defined in another stack inside AWS::IAM::Policy 参考Terraform中用for_each创建的几个aws_iam_policy_document数据源 - Reference several aws_iam_policy_document data sources created with for_each in Terraform AWS IAM 角色与组 - AWS IAM Role vs Group AWS IAM。 如何查找我当前角色的权限/策略 - AWS IAM. How to lookup my permissions/policy of my current role AWS 中 IAM 角色和 IAM 用户的区别 - Difference between IAM role and IAM user in AWS Terraform 一个策略到多个 IAM 角色 - Terraform one policy to multiple IAM roles
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM