From 7b02e53f1d48a7971adadff6ca2a85c896b45b30 Mon Sep 17 00:00:00 2001
From: Jun-te Kim <junte.kim@mealcraft.com>
Date: Wed, 10 Sep 2025 17:31:55 +0100
Subject: [PATCH] policy exists

---
 .../walthamforest_etl_lambda.tf               | 66 ++++++++++---------
 1 file changed, 35 insertions(+), 31 deletions(-)

diff --git a/deployment/lambda/walthamforest_etl/walthamforest_etl_lambda.tf b/deployment/lambda/walthamforest_etl/walthamforest_etl_lambda.tf
index 22f03aa..12b9aab 100644
--- a/deployment/lambda/walthamforest_etl/walthamforest_etl_lambda.tf
+++ b/deployment/lambda/walthamforest_etl/walthamforest_etl_lambda.tf
@@ -16,38 +16,42 @@ resource "aws_sqs_queue" "walthamforest_etl_queue" {
 }
 
 
-# IAM policy specific to this Lambda
-resource "aws_iam_policy" "walthamforest_etl_policy" {
-  name = "walthamforest_etl-loader-policy"
+# # IAM policy specific to this Lambda
+# resource "aws_iam_policy" "walthamforest_etl_policy" {
+#   name = "walthamforest_etl-loader-policy"
 
-  policy = jsonencode({
-    Version = "2012-10-17",
-    Statement = [
-      {
-        Effect = "Allow",
-        Action = [
-          "sqs:ReceiveMessage",
-          "sqs:DeleteMessage",
-          "sqs:GetQueueAttributes"
-        ],
-        Resource = aws_sqs_queue.walthamforest_etl_queue.arn
-      },
-      {
-        Effect = "Allow",
-        Action = [
-          "ecr:GetDownloadUrlForLayer",
-          "ecr:BatchGetImage",
-          "ecr:BatchCheckLayerAvailability"
-        ],
-        Resource = data.aws_ecr_repository.walthamforest_etl_ecr.arn
-      },
-      {
-        Effect = "Allow",
-        Action = ["ecr:GetAuthorizationToken"],
-        Resource = "*"
-      }
-    ]
-  })
+#   policy = jsonencode({
+#     Version = "2012-10-17",
+#     Statement = [
+#       {
+#         Effect = "Allow",
+#         Action = [
+#           "sqs:ReceiveMessage",
+#           "sqs:DeleteMessage",
+#           "sqs:GetQueueAttributes"
+#         ],
+#         Resource = aws_sqs_queue.walthamforest_etl_queue.arn
+#       },
+#       {
+#         Effect = "Allow",
+#         Action = [
+#           "ecr:GetDownloadUrlForLayer",
+#           "ecr:BatchGetImage",
+#           "ecr:BatchCheckLayerAvailability"
+#         ],
+#         Resource = data.aws_ecr_repository.walthamforest_etl_ecr.arn
+#       },
+#       {
+#         Effect = "Allow",
+#         Action = ["ecr:GetAuthorizationToken"],
+#         Resource = "*"
+#       }
+#     ]
+#   })
+# }
+
+data "aws_iam_policy" "walthamforest_etl" {
+  name = "walthamforest_etl-loader-policy"
 }
 
 resource "aws_iam_role_policy_attachment" "walthamforest_etl_policy_attach" {