Adds or updates an inline policy document that is embedded in the specified IAM user. An IAM user can also have a managed policy attached to it. To attach a managed policy to a user, use AWS::IAM::User. To create a new managed policy, use AWS::IAM::ManagedPolicy. For information about policies, see Managed policies and inline policies in the IAM User Guide. For information about the maximum number of inline policies that you can embed in a user, see IAM and quotas in the IAM User Guide.
The following example creates inline policy and attaches it to an IAM user
resource "awscc_iam_user_policy" "example" {
policy_name = "sample_iam_user_policy"
user_name = awscc_iam_user.example.id
policy_document = jsonencode({
Version = "2012-10-17"
Statement = [
{
Action = [
"s3:ListAllMyBuckets",
"s3:GetBucketLocation",
]
Effect = "Allow"
Resource = "arn:aws:s3:::*"
},
]
})
}
resource "awscc_iam_user" "example" {
user_name = "sample_iam_user"
}
policy_name
(String) The name of the policy document.
This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-user_name
(String) The name of the user to associate the policy with.
This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-policy_document
(String) The policy document.
You must provide policies in JSON format in IAM. However, for CFN templates formatted in YAML, you can provide the policy in JSON or YAML format. CFN always converts a YAML policy to JSON format before submitting it to IAM.
The regex pattern used to validate this parameter is a string of characters consisting of the following:
\u0020
) through the end of the ASCII character range\u00FF
)\u0009
), line feed (\u000A
), and carriage return (\u000D
)id
(String) Uniquely identifies the resource.Import is supported using the following syntax:
$ terraform import awscc_iam_user_policy.example <resource ID>