awscc_iam_group_policy (Resource)

Adds or updates an inline policy document that is embedded in the specified IAM group. A group can also have managed policies attached to it. To attach a managed policy to a group, use AWS::IAM::Group. To create a new managed policy, use AWS::IAM::ManagedPolicy. For information about policies, see Managed policies and inline policies in the IAM User Guide. For information about the maximum number of inline policies that you can embed in a group, see IAM and quotas in the IAM User Guide.

Example Usage

IAM group embedded inline policy document

Sample IAM group with embedded inline policy

resource "awscc_iam_group_policy" "example" {
  group_name  = awscc_iam_group.example.id
  policy_name = "sample_group_policy"

  policy_document = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        Action = [
          "s3:ListBucket"
        ]
        Resource = "arn:aws:s3:::my_bucket_name"
      }
    ]
  })
}

resource "awscc_iam_group" "example" {
  group_name = "sample_group"
}

Schema

Required

Optional

Read-Only

Import

Import is supported using the following syntax:

$ terraform import awscc_iam_group_policy.example <resource ID>