@@ -131,20 +131,12 @@ data "aws_iam_policy_document" "logs" {
131
131
}
132
132
}
133
133
134
- resource "aws_iam_policy " "logs" {
134
+ resource "aws_iam_role_policy " "logs" {
135
135
count = local. create_role && var. attach_cloudwatch_logs_policy ? 1 : 0
136
136
137
137
name = " ${ local . policy_name } -logs"
138
- path = var . policy_path
138
+ role = aws_iam_role . lambda [ 0 ] . name
139
139
policy = data. aws_iam_policy_document . logs [0 ]. json
140
- tags = var. tags
141
- }
142
-
143
- resource "aws_iam_role_policy_attachment" "logs" {
144
- count = local. create_role && var. attach_cloudwatch_logs_policy ? 1 : 0
145
-
146
- role = aws_iam_role. lambda [0 ]. name
147
- policy_arn = aws_iam_policy. logs [0 ]. arn
148
140
}
149
141
150
142
# ####################
@@ -168,20 +160,12 @@ data "aws_iam_policy_document" "dead_letter" {
168
160
}
169
161
}
170
162
171
- resource "aws_iam_policy " "dead_letter" {
163
+ resource "aws_iam_role_policy " "dead_letter" {
172
164
count = local. create_role && var. attach_dead_letter_policy ? 1 : 0
173
165
174
166
name = " ${ local . policy_name } -dl"
175
- path = var . policy_path
167
+ role = aws_iam_role . lambda [ 0 ] . name
176
168
policy = data. aws_iam_policy_document . dead_letter [0 ]. json
177
- tags = var. tags
178
- }
179
-
180
- resource "aws_iam_role_policy_attachment" "dead_letter" {
181
- count = local. create_role && var. attach_dead_letter_policy ? 1 : 0
182
-
183
- role = aws_iam_role. lambda [0 ]. name
184
- policy_arn = aws_iam_policy. dead_letter [0 ]. arn
185
169
}
186
170
187
171
# #####
@@ -259,60 +243,36 @@ data "aws_iam_policy_document" "async" {
259
243
}
260
244
}
261
245
262
- resource "aws_iam_policy " "async" {
246
+ resource "aws_iam_role_policy " "async" {
263
247
count = local. create_role && var. attach_async_event_policy ? 1 : 0
264
248
265
249
name = " ${ local . policy_name } -async"
266
- path = var . policy_path
250
+ role = aws_iam_role . lambda [ 0 ] . name
267
251
policy = data. aws_iam_policy_document . async [0 ]. json
268
- tags = var. tags
269
- }
270
-
271
- resource "aws_iam_role_policy_attachment" "async" {
272
- count = local. create_role && var. attach_async_event_policy ? 1 : 0
273
-
274
- role = aws_iam_role. lambda [0 ]. name
275
- policy_arn = aws_iam_policy. async [0 ]. arn
276
252
}
277
253
278
254
# ##########################
279
255
# Additional policy (JSON)
280
256
# ##########################
281
257
282
- resource "aws_iam_policy " "additional_json" {
258
+ resource "aws_iam_role_policy " "additional_json" {
283
259
count = local. create_role && var. attach_policy_json ? 1 : 0
284
260
285
261
name = local. policy_name
286
- path = var . policy_path
262
+ role = aws_iam_role . lambda [ 0 ] . name
287
263
policy = var. policy_json
288
- tags = var. tags
289
- }
290
-
291
- resource "aws_iam_role_policy_attachment" "additional_json" {
292
- count = local. create_role && var. attach_policy_json ? 1 : 0
293
-
294
- role = aws_iam_role. lambda [0 ]. name
295
- policy_arn = aws_iam_policy. additional_json [0 ]. arn
296
264
}
297
265
298
266
# ####################################
299
267
# Additional policies (list of JSON)
300
268
# ####################################
301
269
302
- resource "aws_iam_policy " "additional_jsons" {
270
+ resource "aws_iam_role_policy " "additional_jsons" {
303
271
count = local. create_role && var. attach_policy_jsons ? var. number_of_policy_jsons : 0
304
272
305
273
name = " ${ local . policy_name } -${ count . index } "
306
- path = var . policy_path
274
+ role = aws_iam_role . lambda [ 0 ] . name
307
275
policy = var. policy_jsons [count . index ]
308
- tags = var. tags
309
- }
310
-
311
- resource "aws_iam_role_policy_attachment" "additional_jsons" {
312
- count = local. create_role && var. attach_policy_jsons ? var. number_of_policy_jsons : 0
313
-
314
- role = aws_iam_role. lambda [0 ]. name
315
- policy_arn = aws_iam_policy. additional_jsons [count . index ]. arn
316
276
}
317
277
318
278
# ##########################
@@ -383,18 +343,10 @@ data "aws_iam_policy_document" "additional_inline" {
383
343
}
384
344
}
385
345
386
- resource "aws_iam_policy " "additional_inline" {
346
+ resource "aws_iam_role_policy " "additional_inline" {
387
347
count = local. create_role && var. attach_policy_statements ? 1 : 0
388
348
389
349
name = " ${ local . policy_name } -inline"
390
- path = var . policy_path
350
+ role = aws_iam_role . lambda [ 0 ] . name
391
351
policy = data. aws_iam_policy_document . additional_inline [0 ]. json
392
- tags = var. tags
393
- }
394
-
395
- resource "aws_iam_role_policy_attachment" "additional_inline" {
396
- count = local. create_role && var. attach_policy_statements ? 1 : 0
397
-
398
- role = aws_iam_role. lambda [0 ]. name
399
- policy_arn = aws_iam_policy. additional_inline [0 ]. arn
400
352
}
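Review bot: The inline policies created by `aws_iam_role_policy.additional_jsons` (third hunk), together with the five other resources converted the same way in these hunks, all count against the single aggregate inline-policy size quota of `aws_iam_role.lambda[0]` (10,240 characters across every inline policy on the role), whereas each managed policy previously had its own limit. With `count = var.number_of_policy_jsons`, a caller can reach that ceiling at apply time. The conversion also drops `path = var.policy_path` and `tags = var.tags`, so any guardrail or audit query that keys on policy path, tags or managed-policy ARNs will no longer see these permissions and has to enumerate the role's inline policies instead. Because the resource type changes, existing deployments will presumably destroy the managed policies and attachments before the inline ones exist, which deserves an upgrade note. I would add a comment above the first converted resource, such as `# Inline role policies: all share the role's aggregate inline-policy size quota; policy_path and tags do not apply to them.`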