Merge pull request #9025 from ministryofjustice/issue/8617

Issue/8617
ministryofjustice · Jan 21, 2025 · 3bca868 · 3bca868
2 parents 580f657 + e103611
commit 3bca868
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 18 deletions.
diff --git a/terraform/environments/bootstrap/single-sign-on/data.tf b/terraform/environments/bootstrap/single-sign-on/data.tf
@@ -8,8 +8,3 @@ data "aws_ssm_parameter" "modernisation_platform_account_id" {
   name = "modernisation_platform_account_id"
 }
 
-# Allows access to the current account ID
-data "aws_caller_identity" "current" {}
-output "account_id" {
-  value = data.aws_caller_identity.current.account_id
-}
diff --git a/terraform/environments/bootstrap/single-sign-on/policies.tf b/terraform/environments/bootstrap/single-sign-on/policies.tf
@@ -367,19 +367,6 @@ data "aws_iam_policy_document" "developer_additional" {
     }
   }
 
-  # Additional statement that allows for the creation of on-demand AWS Backups.
-  statement {
-    sid       = "AllowPassRoleForBackup"
-    effect    = "Allow"
-    actions   = ["iam:PassRole"]
-    resources = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/AWSBackup"]
-    condition {
-      test     = "StringEquals"
-      variable = "iam:PassedToService"
-      values   = ["backup.amazonaws.com"]
-    }
-  }
-
 }
 
 # data engineering policy (developer + glue + some athena)