change managed

terraform-modules · Mar 2, 2021 · 935d17c · 935d17c
1 parent 09ef9e7
commit 935d17c
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 24 deletions.
diff --git a/iam-general-policies/README.md b/iam-general-policies/README.md
@@ -30,6 +30,18 @@ module "general_full" {
 }
 ```
 
+# Managed Policies  
+This provides a number of AWS manged policies: module.general.managed\_policies[KEY]
+* AdministratorAccess
+* ReadOnlyAccess
+* AmazonVPCFullAccess
+* AWSSupportAccess
+* CloudWatchAWSSupportAccess
+* Billing
+* NetworkAdministrator
+
+Custom Policies
+
 ## Requirements
 
 No requirements.

diff --git a/iam-general-policies/main.tf b/iam-general-policies/main.tf
@@ -30,6 +30,18 @@
 *   }
 * }
 * ```
+*
+* # Managed Policies
+* This provides a number of AWS manged policies: module.general.managed_policies[KEY]
+* * AdministratorAccess 
+* * ReadOnlyAccess 
+* * AmazonVPCFullAccess 
+* * AWSSupportAccess 
+* * CloudWatchAWSSupportAccess 
+* * Billing 
+* * NetworkAdministrator 
+*
+* Custom Policies
 */
 
 locals {
@@ -79,3 +91,4 @@ resource "aws_iam_policy" "general" {
   #    map("Name",format("%vinf-%v", lookup(local._prefixes, "policy", ""), each.value["name"]))
   #  )
 }
+
diff --git a/iam-general-policies/managed_policies.tf b/iam-general-policies/managed_policies.tf
@@ -1,26 +1,12 @@
 locals {
   managed_policies = {
-    "AdministratorAccess" = {
-      arn = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "AdministratorAccess")
-    }
-    "ReadOnlyAccess" = {
-      arn = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "ReadOnlyAccess")
-    }
-    "AmazonVPCFullAccess" = {
-      arn = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "AmazonVPCFullAccess")
-    }
-    "AWSSupportAccess" = {
-      arn = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "AWSSupportAccess")
-    }
-    "CloudWatchAWSSupportAccess" = {
-      arn = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "CloudWatchAWSSupportAccess")
-    }
+    "AdministratorAccess"        = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "AdministratorAccess")
+    "ReadOnlyAccess"             = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "ReadOnlyAccess")
+    "AmazonVPCFullAccess"        = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "AmazonVPCFullAccess")
+    "AWSSupportAccess"           = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "AWSSupportAccess")
+    "CloudWatchAWSSupportAccess" = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "CloudWatchAWSSupportAccess")
 
-    "Billing" = {
-      arn = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "job-function/Billing")
-    }
-    "NetworkAdministrator" = {
-      arn = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "job-function/NetworkAdministrator")
-    }
+    "Billing"              = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "job-function/Billing")
+    "NetworkAdministrator" = format("arn:%v:iam::aws:policy/%v", data.aws_arn.current.partition, "job-function/NetworkAdministrator")
   }
 }
diff --git a/iam-general-policies/outputs.tf b/iam-general-policies/outputs.tf
@@ -1,6 +1,4 @@
-# name = {
-#  arn
-# }
+# name = arn
 
 output "managed_policies" {
   description = "AWS Managed Policy name to ARN mapping"