# Name of the IAM policy. Required: no default is declared, so every caller
# of the module has to supply a value.
variable "policy_name" {
  type        = string
  description = "Name of the IAM policy"
}
# Free-text description of the IAM policy. Optional: when the caller omits it,
# the value is the empty string.
variable "policy_description" {
  type        = string
  default     = ""
  description = "Description of the IAM policy"
}
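# S3 bucket ARNs the policy grants access to. Required (no default).
#
# NOTE(review): these values presumably become the Resource entries of the
# generated policy statement; confirm against the module's policy document.
# The validation rejects entries that are not ARNs (a bare "*" or a plain
# bucket name), so a malformed value fails at plan time instead of producing
# an unintended or broken grant. It does not restrict wildcards inside an
# ARN; those still need review at the call site.
variable "bucket_arns" {
  description = "List of S3 bucket ARNs to grant access to"
  type        = list(string)

  validation {
    # can() turns a non-matching (or null) element into false instead of an error.
    condition     = alltrue([for arn in var.bucket_arns : can(regex("^arn:", arn))])
    error_message = "Each entry in bucket_arns must be an ARN (start with \"arn:\")."
  }
}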
# S3 actions the policy statement allows. Optional: defaults to read-only
# object access (s3:GetObject).
#
# No validation is declared here, so whatever strings the caller passes,
# wildcard actions included, are accepted unchanged. Keep the list to the
# operations the consumer actually needs.
variable "actions" {
  type        = list(string)
  default     = ["s3:GetObject"]
  description = "List of S3 actions to allow (e.g., ['s3:GetObject'], ['s3:PutObject'], ['s3:DeleteObject'])"
}
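# Object-key patterns inside each bucket. Optional: defaults to "/*", i.e.
# every object in the bucket.
#
# NOTE(review): the examples in the description suggest each path is appended
# directly to a bucket ARN; confirm against the module's policy document.
# Under that reading, a path without a leading "/" (for example "*") would
# extend the bucket-name part of the ARN, and the resulting pattern could
# also match other buckets that share the name prefix. The validation
# therefore accepts only "" (the bucket itself) or paths that start with "/".
variable "resource_paths" {
  description = "List of resource paths within buckets (e.g., ['/*'] for all objects, ['/specific-prefix/*'] for specific prefix)"
  type        = list(string)
  default     = ["/*"]

  validation {
    # "^(/|$)" matches the empty string or a leading slash; can() maps a
    # non-matching (or null) element to false instead of raising an error.
    condition     = alltrue([for p in var.resource_paths : can(regex("^(/|$)", p))])
    error_message = "Each entry in resource_paths must be empty or start with \"/\"."
  }
}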
# Optional IAM policy conditions for the statement. Defaults to null, meaning
# the caller supplied none.
#
# The type is `any`, so Terraform does not check the structure at the
# variable boundary.
# NOTE(review): the expected shape is defined by whatever consumes this value
# elsewhere in the module; confirm it there before relying on a condition to
# narrow access.
variable "conditions" {
  type        = any
  default     = null
  description = "Optional IAM policy conditions to apply to the statement"
}
# Tags applied to the policy, as a string-to-string map. Optional: defaults to
# an empty map (no tags).
variable "tags" {
  type        = map(string)
  default     = {}
  description = "Tags to apply to the policy"
}