Commit e4a4948e authored by Craig Barrett

Use IAM user resource instead of hard-coding principals

parent 3f173de5
......@@ -6,11 +6,6 @@ data "aws_iam_policy_document" "datateam-greenhouse-extract" {
"s3:ListBucket",
]
principals = {
type = "AWS"
identifiers = ["arn:aws:iam::855262394183:user/datateam-greenhouse-extract"]
}
resources = [
"${aws_s3_bucket.datateam-greenhouse-extract.arn}",
]
......@@ -24,11 +19,6 @@ data "aws_iam_policy_document" "datateam-greenhouse-extract" {
"s3:PutObject",
]
principals = {
type = "AWS"
identifiers = ["arn:aws:iam::855262394183:user/datateam-greenhouse-extract"]
}
resources = [
"${aws_s3_bucket.datateam-greenhouse-extract.arn}",
"${aws_s3_bucket.datateam-greenhouse-extract.arn}/*",
......@@ -36,12 +26,21 @@ data "aws_iam_policy_document" "datateam-greenhouse-extract" {
}
}
resource "aws_iam_user" "datateam-greenhouse-extract" {
name = "datateam-greenhouse-extract"
}
resource "aws_iam_policy" "datateam-greenhouse-extract" {
name = "datateam-greenhouse-extract"
path = "/"
policy = "${data.aws_iam_policy_document.datateam-greenhouse-extract.json}"
}
resource "aws_iam_user_policy_attachment" "datateam-greenhouse-extract" {
user = "${aws_iam_user.datateam-greenhouse-extract.name}"
policy_arn = "${aws_iam_policy.datateam-greenhouse-extract.arn}"
}
resource "aws_s3_bucket" "datateam-greenhouse-extract" {
bucket = "datateam-greenhouse-extract"
acl = "private"
......
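Review bot: The new `aws_iam_user "datateam-greenhouse-extract"` resource takes over a user that the removed `identifiers` ARN suggests already exists in the account, and nothing visible here says how its credentials are issued. If the user does exist, it has to be imported into state before the first apply, and any access keys created outside Terraform stay unmanaged and unrotated. With the `principals` blocks gone the document is a plain identity policy, so access to the bucket now rests entirely on the `aws_iam_user_policy_attachment`. I would add a comment above the user resource, for example `# Service user for the Greenhouse extract; access keys are issued outside Terraform - document owner and rotation`, with the wording confirmed by the owner. If the extract job runs on AWS, an assumed role would avoid the long-lived key altogether.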