Amazon Web Services (AWS) - List IAM Policies using Terraform

by Jeremy Canfield | Updated: October 02 2023 | Amazon Web Services (AWS) articles
Let's say you have the following files on your Terraform server.
├── required_providers.tf
├── amazon_machine_images (directory)
│ ├── data.tf
│ ├── outputs.tf
│ ├── provider.tf
required_providers.tf will almost always have this.
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}
Let's say provider.tf has the following. In this example, the "default" profile in /home/username/.aws/config and /home/username/.aws/credentials is being used. This assumes you have set up Terraform as described in Amazon Web Services (AWS) - Getting Started with Terraform.
provider "aws" {
  alias   = "default"
  profile = "default"
  region  = "us-east-1" # placeholder: use a real region name, "default" is not a valid AWS region
}
And data.tf contains something like this to fetch an IAM Policy using the name of the policy.
data "aws_iam_policy" "AmazonEC2ContainerServiceforEC2Role" {
  name = "AmazonEC2ContainerServiceforEC2Role"
}
Or like this, using the Amazon Resource Name (ARN) of the policy.
data "aws_iam_policy" "AmazonEC2ContainerServiceforEC2Role" {
  arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
}
The terraform refresh command should return something like this; the ID of the policy (which for an IAM policy is its ARN) should be returned.
data.aws_iam_policy.AmazonEC2ContainerServiceforEC2Role: Read complete after 3s [id=arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role]
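The tree above lists an outputs.tf but the article does not show its contents. As an added example (not from the article), the following outputs.tf exposes the fetched policy's ARN and the actions it allows, and warns when any of them is a wildcard; it assumes the data block named above and Terraform 1.5 or later for the check block.

```hcl
# outputs.tf (added example; assumes Terraform 1.5+ and the data block above)
locals {
  # The data source exposes the policy document as a JSON string.
  policy_doc = jsondecode(data.aws_iam_policy.AmazonEC2ContainerServiceforEC2Role.policy)

  # Collect the actions from every Allow statement. "Action" may be a
  # single string or a list, and may be absent (NotAction statements).
  allowed_actions = distinct(flatten([
    for s in local.policy_doc.Statement :
    try(tolist(s.Action), [tostring(s.Action)], [])
    if try(s.Effect, "") == "Allow"
  ]))

  # Anything ending in "*" grants more than one concrete action.
  wildcard_actions = [for a in local.allowed_actions : a if endswith(a, "*")]
}

output "policy_arn" {
  value = data.aws_iam_policy.AmazonEC2ContainerServiceforEC2Role.arn
}

output "allowed_actions" {
  description = "Actions the policy allows, for review before attaching it to a role"
  value       = sort(local.allowed_actions)
}

# A check only warns during plan/apply; it does not block the run.
check "no_wildcard_actions" {
  assert {
    condition     = length(local.wildcard_actions) == 0
    error_message = "Policy allows one or more wildcard actions; review the allowed_actions output."
  }
}
```

Run terraform plan after terraform refresh to see the outputs and any check warning.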