Amazon Web Services (AWS) - List IAM Policies using Terraform


Let's say you have the following files on your Terraform server.

├── required_providers.tf
├── amazon_machine_images (directory)
│   ├── data.tf
│   ├── outputs.tf
│   ├── provider.tf

 

required_providers.tf will almost always have this.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
    }
  }
}

 

Let's say provider.tf has the following. In this example, the "default" profile in /home/username/.aws/config and /home/username/.aws/credentials is being used. This assumes you have set up Terraform as described in Amazon Web Services (AWS) - Getting Started with Terraform.

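# Because this configuration has an alias, only blocks that set
# provider = aws.default use it; blocks without a provider argument
# use the default (un-aliased) aws configuration.
provider "aws" {
  alias   = "default"
  profile = "default"
  # region must be a real AWS region name ("default" is not one);
  # us-east-1 is an example value, replace it with your own.
  region  = "us-east-1"
}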

 

And data.tf contains something like this to fetch an IAM Policy using the name of the policy.

data "aws_iam_policy" "AmazonEC2ContainerServiceforEC2Role" {
  name = "AmazonEC2ContainerServiceforEC2Role"
}

 

Or like this, using the Amazon Resource Name (ARN) of the policy.

data "aws_iam_policy" "AmazonEC2ContainerServiceforEC2Role" {
  arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
}

 

The terraform refresh command should return something like this. The ID of the policy, which is its ARN, should be returned.

data.aws_iam_policy.AmazonEC2ContainerServiceforEC2Role: Read complete after 3s [id=arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role]
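
outputs.tf appears in the file listing above but its contents are not shown. As an added example (not from the original article), this outputs.tf exposes the policy's ARN and lists the Allow statements whose Resource includes "*", so the permissions can be reviewed before the policy is attached to a role. The local, output and check names are assumptions, and the check block requires Terraform 1.5 or later.

```hcl
# outputs.tf (added example; local, output and check names are hypothetical)

locals {
  # The data source exposes the policy document as a JSON string.
  policy_doc = jsondecode(data.aws_iam_policy.AmazonEC2ContainerServiceforEC2Role.policy)

  # "Statement" may be a single object or a list of objects; normalize to a list.
  statements = flatten([local.policy_doc.Statement])

  # Allow statements whose Resource includes "*".
  # Action and Resource may each be a string or a list, and may be absent
  # (NotAction / NotResource), so both are normalized to lists.
  wildcard_allows = [
    for s in local.statements : {
      sid     = try(s.Sid, "(no Sid)")
      actions = flatten([try(s.Action, [])])
    }
    if s.Effect == "Allow" && contains(flatten([try(s.Resource, [])]), "*")
  ]
}

output "policy_arn" {
  description = "ARN of the policy that was looked up"
  value       = data.aws_iam_policy.AmazonEC2ContainerServiceforEC2Role.arn
}

output "wildcard_allow_statements" {
  description = "Allow statements that apply to every resource"
  value       = local.wildcard_allows
}

# Reports a warning during plan/apply if any statement allows
# every action on every resource.
check "no_star_action_on_star_resource" {
  assert {
    condition = alltrue([
      for s in local.wildcard_allows : !contains(s.actions, "*")
    ])
    error_message = "The policy allows Action \"*\" on Resource \"*\"."
  }
}
```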

 



