Question: The Nautilus DevOps team is automating IAM policy creation using Terraform to enhance security and access management. As part of this task, they need to create an IAM policy with specific requirements.
For this task, create an AWS IAM policy using Terraform with the following requirements:
The IAM policy name iampolicy_rose should be stored in a variable named KKE_iampolicy.
Note:
The configuration values should be stored in a variables.tf file.
The Terraform script should be structured with a main.tf file referencing variables.tf.
The Terraform working directory is /home/bob/terraform.
Right-click under the EXPLORER section in VS Code and select Open in Integrated Terminal to launch the terminal.
1. In the VS Code editor, create a new file main.tf.
(Refer to the video below for better understanding.)
The code is available in the GitLab repository:
https://gitlab.com/nb-tech-support/devops/-/blob/master/Terraform
main.tf
# Create AWS IAM Policy with variable reference
resource "aws_iam_policy" "this" {
  name        = var.KKE_iampolicy
  description = "Custom IAM policy created for the Nautilus DevOps team"
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = [
          "ec2:Describe*",
          "s3:ListAllMyBuckets"
        ]
        Effect   = "Allow"
        Resource = "*"
      }
    ]
  })
  tags = {
    Name = var.KKE_iampolicy
  }
}

variables.tf
# Define variable for IAM policy name
variable "KKE_iampolicy" {
  description = "The name of the IAM policy to create"
  type        = string
  default     = "iampolicy_rose"
}
terraform init
terraform plan
terraform apply
3. Click on Finish & Confirm to complete the task successfully.
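A review step that can sit between terraform plan and terraform apply, as an added example that is not part of the original post: it reads the plan as JSON (the output of terraform plan -out=tfplan followed by terraform show -json tfplan) and lists every Allow action in an aws_iam_policy that is a full wildcard, a non-read wildcard, or a write action on Resource "*". The embedded plan is a constructed sample, and audit_plan, as_list and the READ_ONLY verb list are assumptions of this example.

```python
import json

# Constructed sample: the slice of `terraform show -json tfplan` that
# describes the policy from main.tf (a real plan has many more fields).
SAMPLE_PLAN = {"resource_changes": [{
    "address": "aws_iam_policy.this",
    "type": "aws_iam_policy",
    "change": {"actions": ["create"], "after": {
        "name": "iampolicy_rose",
        "policy": json.dumps({
            "Version": "2012-10-17",
            "Statement": [{
                "Action": ["ec2:Describe*", "s3:ListAllMyBuckets"],
                "Effect": "Allow",
                "Resource": "*",
            }],
        }),
    }},
}]}

# Assumption for this example: these verb prefixes count as read-only.
READ_ONLY = ("describe", "list", "get")


def as_list(value):
    """IAM accepts either one string or a list for Action and Resource."""
    return value if isinstance(value, list) else [value]


def audit_plan(plan):
    """Return (address, action, reason) for every Allow action to review."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after") or {}  # null on destroy
        if rc.get("type") != "aws_iam_policy" or not after.get("policy"):
            continue
        doc = json.loads(after["policy"])
        for stmt in as_list(doc.get("Statement", [])):
            if stmt.get("Effect") != "Allow":
                continue
            any_resource = "*" in as_list(stmt.get("Resource", []))
            for action in as_list(stmt.get("Action", [])):
                verb = action.split(":", 1)[-1].lower()  # actions are case-insensitive
                read_only = verb.startswith(READ_ONLY)
                if verb == "*":
                    findings.append((rc["address"], action, "all actions"))
                elif "*" in verb and not read_only:
                    findings.append((rc["address"], action, "non-read wildcard"))
                elif any_resource and not read_only:
                    findings.append((rc["address"], action, "write on Resource *"))
    return findings
```

The policy from main.tf produces no findings; an empty list only means nothing matched these three rules, since some Get actions return sensitive data.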
Happy Learning!!!!