Resource: aws_iam_group_policy

Provides an IAM policy attached to a group.

Example Usage

resource "aws_iam_group_policy" "my_developer_policy" {
  name  = "my_developer_policy"
  group = aws_iam_group.my_developers.name

  # Terraform's "jsonencode" function converts a
  # Terraform expression result to valid JSON syntax.
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = [
          "ec2:Describe*",
        ]
        Effect   = "Allow"
        Resource = "*"
      },
    ]
  })
}

resource "aws_iam_group" "my_developers" {
  name = "developers"
  path = "/users/"
}
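The example above grants a read-only `ec2:Describe*` on all resources; the same inline-policy shape can also carry far broader grants. The following script is an added example, not part of the provider documentation: it audits the `resource_changes` array of a `terraform show -json` plan for `aws_iam_group_policy` resources that allow a service-wide or global wildcard action on `Resource = "*"`. The sample plan, the resource names `too_broad` and `computed`, and the finding labels are constructed for illustration.

```python
import json

def _policy(statement):
    return json.dumps({"Version": "2012-10-17", "Statement": statement})

# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_iam_group_policy.my_developer_policy",
     "type": "aws_iam_group_policy",
     "change": {"after": {"policy": _policy(
         [{"Action": ["ec2:Describe*"], "Effect": "Allow", "Resource": "*"}])}}},
    {"address": "aws_iam_group_policy.too_broad",  # hypothetical resource
     "type": "aws_iam_group_policy",
     "change": {"after": {"policy": _policy(
         {"Action": "iam:*", "Effect": "Allow", "Resource": "*"})}}},
    {"address": "aws_iam_group_policy.computed",  # hypothetical resource
     "type": "aws_iam_group_policy",
     "change": {"after": {}}},
]}

def _as_list(value):
    # IAM allows Statement, Action and Resource to be a single value or a list.
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def audit_group_policies(plan):
    """Return (address, finding) pairs for aws_iam_group_policy resources."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_iam_group_policy":
            continue
        after = (rc.get("change") or {}).get("after") or {}
        raw = after.get("policy")
        if raw is None:  # destroyed, or value only known after apply
            findings.append((rc["address"], "policy-not-known-at-plan-time"))
            continue
        for stmt in _as_list(json.loads(raw).get("Statement")):
            if stmt.get("Effect") != "Allow":
                continue
            if "NotAction" in stmt:
                findings.append((rc["address"], "allow-with-notaction"))
            broad = [a for a in _as_list(stmt.get("Action"))
                     if a == "*" or a.endswith(":*")]
            if broad and "*" in _as_list(stmt.get("Resource")):
                findings.append((rc["address"], "service-wide-action-on-all-resources"))
    return findings

if __name__ == "__main__":
    for address, finding in audit_group_policies(SAMPLE_PLAN):
        print(f"{address}: {finding}")
```

The `ec2:Describe*` statement from the example passes because its wildcard is scoped to one action prefix; a policy whose value is not present in the plan is reported separately so it can be reviewed after apply.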

Argument Reference

This resource supports the following arguments:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import IAM Group Policies using an ID of the form group_name:group_policy_name. For example:

import {
  to = aws_iam_group_policy.mypolicy
  id = "group_of_mypolicy_name:mypolicy_name"
}

Using terraform import, import IAM Group Policies using an ID of the form group_name:group_policy_name. For example:

% terraform import aws_iam_group_policy.mypolicy group_of_mypolicy_name:mypolicy_name