Remove s3_ap_landing_role for now

ministryofjustice · Nov 20, 2023 · 743c619 · 743c619
1 parent 08927e3
commit 743c619
Showing 1 changed file with 33 additions and 33 deletions.
diff --git a/terraform/environments/performance-hub/iam.tf b/terraform/environments/performance-hub/iam.tf
@@ -6,39 +6,39 @@
 # S3 bucket access policy for AP landing bucket (data pushed from 
 # Performance Hub to a bucket in the AP account - hence hard-coded bucket name)
 
-resource "aws_iam_role" "s3_ap_landing_role" {
-  name               = "${local.application_name}-s3-ap-landing-role"
-  assume_role_policy = jsonencode({
-    Version = "2012-10-17"
-    Statement = [
-        {
-            Sid: "MOJAnalyticalPlatformListBucket",
-            Effect: "Allow",
-            Action: [
-                "s3:ListBucket",
-                "s3:GetBucketLocation"
-            ],
-            "Resource": "arn:aws:s3:::hmpps-performance-hub-landing"
-        },
-        {
-            Sid: "MOJAnalyticalPlatformWriteBucket",
-            Effect: "Allow",
-            Action: [
-                "s3:PutObject",
-                "s3:PutObjectAcl",
-                "s3:GetObject"
-            ],
-            Resource: "arn:aws:s3:::hmpps-performance-hub-landing/*"
-        }
-    ]
-  })
-  tags = merge(
-    local.tags,
-    {
-      Name = "${local.application_name}-s3-ap-landing-role"
-    }
-  )
-}
+# resource "aws_iam_role" "s3_ap_landing_role" {
+#   name               = "${local.application_name}-s3-ap-landing-role"
+#   assume_role_policy = jsonencode({
+#     Version = "2012-10-17"
+#     Statement = [
+#         {
+#             Sid: "MOJAnalyticalPlatformListBucket",
+#             Effect: "Allow",
+#             Action: [
+#                 "s3:ListBucket",
+#                 "s3:GetBucketLocation"
+#             ],
+#             "Resource": "arn:aws:s3:::hmpps-performance-hub-landing"
+#         },
+#         {
+#             Sid: "MOJAnalyticalPlatformWriteBucket",
+#             Effect: "Allow",
+#             Action: [
+#                 "s3:PutObject",
+#                 "s3:PutObjectAcl",
+#                 "s3:GetObject"
+#             ],
+#             Resource: "arn:aws:s3:::hmpps-performance-hub-landing/*"
+#         }
+#     ]
+#   })
+#   tags = merge(
+#     local.tags,
+#     {
+#       Name = "${local.application_name}-s3-ap-landing-role"
+#     }
+#   )
+# }
 
 
 # S3 bucket access policy for Performance Hub landing bucket (data pushed from