Moved equip member infrastructure code from modernisation-platform-re…
…po to equip environment
sukeshreddyg committed Jan 26, 2024
1 parent 7ff7a3f commit df81334
Showing 1 changed file with 31 additions and 0 deletions.
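--- a/terraform/environments/equip/iam.tf
+++ b/terraform/environments/equip/iam.tf
@@ -0,0 +1,31 @@
+#tfsec:ignore:aws-iam-no-user-attached-policies
+resource "aws_iam_user" "email" {
+#checkov:skip=CKV_AWS_273: "Skipping as tfsec check is also set to ignore"
+name = format("%s-%s-email_user", local.application_name, local.environment)
+tags = merge(local.tags,
+{ Name = format("%s-%s-email_user", local.application_name, local.environment) }
+)
+}
+
+resource "aws_iam_access_key" "email" {
+user = aws_iam_user.email.name
+}
+
+#tfsec:ignore:aws-iam-no-policy-wildcards
+resource "aws_iam_user_policy" "email_policy" {
+name = "AmazonSesSendingAccess"
+user = aws_iam_user.email.name
+policy = data.aws_iam_policy_document.email.json
+}
+
+#tfsec:ignore:aws-iam-no-policy-wildcards
+data "aws_iam_policy_document" "email" {
+#checkov:skip=CKV_AWS_111
+#checkov:skip=CKV_AWS_356: Policy follows AWS guidance
+statement {
+actions = [
+"ses:SendRawEmail"
+]
+resources = ["*"]
+}
+}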
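Review bot: The statement in `data "aws_iam_policy_document" "email"` grants `ses:SendRawEmail` on `resources = ["*"]`, so the access key issued for this user can send as any verified SES identity in the account, and the tfsec/checkov suppressions keep scanners from flagging that again. Consider scoping it to the identity the application actually sends from, e.g. `resources = ["<ARN of the equip SES identity (placeholder)>"]`, or adding a `condition` on `ses:FromAddress`; the `#checkov:skip=CKV_AWS_111` line also carries no justification, unlike the skips next to it. Separately, `aws_iam_access_key.email` creates a long-lived secret that Terraform records in state, so a comment above that resource naming who may read the state backend and how the key is rotated would help the next reviewer.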
