From e776fb52cb25994be45632b105ad35088204d696 Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Tue, 24 May 2022 09:38:48 -0400
Subject: [PATCH] add policy.tf for billing

---
 billing-role/policy.tf | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 billing-role/policy.tf

diff --git a/billing-role/policy.tf b/billing-role/policy.tf
new file mode 100644
index 0000000..4a84560
--- /dev/null
+++ b/billing-role/policy.tf
@@ -0,0 +1,24 @@
+data "aws_iam_policy_document" "full_billing" {
+  statement {
+    sid       = "FullBillingAccess"
+    effect    = "Allow"
+    resources = ["*"]
+
+    actions = [
+      "aws-portal:*",
+      # add others, to allow cost explorer and budgets
+    ]
+  }
+}
+
+data "aws_iam_policy_document" "limited_billing" {
+  statement {
+    sid       = "LimitedBillingAccess"
+    effect    = "Allow"
+    resources = ["*"]
+
+    actions = [
+      # put in right set of things for cost explorer and read access to billing
+    ]
+  }
+}