Skip to content

Commit

Permalink
Merge pull request #456 from cisagov/cd_modify_elasticache
Browse files Browse the repository at this point in the history
Update elasticache terraform to add IAM policy related to elasticache
  • Loading branch information
cduhn17 authored Jul 18, 2024
2 parents 5d13bee + 3205de3 commit 71fb37f
Showing 1 changed file with 25 additions and 0 deletions.
25 changes: 25 additions & 0 deletions infrastructure/elasticache.tf
Original file line number Diff line number Diff line change
Expand Up @@ -37,3 +37,28 @@ resource "aws_elasticache_cluster" "crossfeed_vpc_elasticache_cluster" {
Stage = var.stage
}
}

resource "aws_iam_policy" "elasticache_policy" {
name = "elasticache_policy"
description = "Policy to allow ElastiCache operations"
policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
Effect = "Allow"
Action = [
"elasticache:CreateCacheSubnetGroup",
"elasticache:DeleteCacheSubnetGroup",
"elasticache:DescribeCacheSubnetGroups",
"elasticache:ModifyCacheSubnetGroup"
]
Resource = "*"
}
]
})
}

resource "aws_iam_user_policy_attachment" "elasticache_user_policy_attachment" {
user = "crossfeed-deploy-staging"
policy_arn = aws_iam_policy.elasticache_policy.arn
}

0 comments on commit 71fb37f

Please sign in to comment.