From 8339344712e06f2de200eb6fb87cc2e3eb80e4c7 Mon Sep 17 00:00:00 2001
From: cduhn17
Date: Thu, 18 Jul 2024 10:50:18 -0500
Subject: [PATCH] Update elasticache terraform to add IAM policy related to elasticache

---
 infrastructure/elasticache.tf | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/infrastructure/elasticache.tf b/infrastructure/elasticache.tf
index b5553912..3884b0c4 100644
--- a/infrastructure/elasticache.tf
+++ b/infrastructure/elasticache.tf
@@ -37,3 +37,28 @@ resource "aws_elasticache_cluster" "crossfeed_vpc_elasticache_cluster" {
 Stage = var.stage
 }
 }
+
+resource "aws_iam_policy" "elasticache_policy" {
+ name = "elasticache_policy"
+ description = "Policy to allow ElastiCache operations"
+ policy = jsonencode({
+ Version = "2012-10-17"
+ Statement = [
+ {
+ Effect = "Allow"
+ Action = [
+ "elasticache:CreateCacheSubnetGroup",
+ "elasticache:DeleteCacheSubnetGroup",
+ "elasticache:DescribeCacheSubnetGroups",
+ "elasticache:ModifyCacheSubnetGroup"
+ ]
+ Resource = "*"
+ }
+ ]
+ })
+}
+
+resource "aws_iam_user_policy_attachment" "elasticache_user_policy_attachment" {
+ user = "crossfeed-deploy-staging"
+ policy_arn = aws_iam_policy.elasticache_policy.arn
+}
\ No newline at end of file
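Review bot: The attachment at the end of the hunk hard-codes `user = "crossfeed-deploy-staging"`, and the policy name `elasticache_policy` is fixed as well, while the cluster resource just above tags itself with `var.stage`; if this file is applied for any other stage, the apply would presumably either collide on the policy name or hand the staging deploy user rights that come from another environment's stack. Consider deriving both from the stage, e.g. `name = "elasticache_policy-${var.stage}"` and a per-stage deploy-user variable instead of the literal. The statement also uses `Resource = "*"` although all four actions are cache-subnet-group operations, so it can be narrowed to the subnet-group ARN(s) this stack manages, e.g. `Resource = "arn:aws:elasticache:<region>:<account-id>:subnetgroup:<name>"` (placeholders). A one-line comment above the policy saying why the deploy user needs these rights would also help the next reviewer judge whether the grant is still required.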