github.com/vtorhonen/terraform@v0.9.0-beta2.0.20170307220345-5d894e4ffda7/website/source/docs/providers/aws/r/iam_policy_attachment.html.markdown (about) 1 --- 2 layout: "aws" 3 page_title: "AWS: aws_iam_policy_attachment" 4 sidebar_current: "docs-aws-resource-iam-policy-attachment" 5 description: |- 6 Attaches a Managed IAM Policy to user(s), role(s), and/or group(s) 7 --- 8 9 # aws\_iam\_policy\_attachment 10 11 Attaches a Managed IAM Policy to user(s), role(s), and/or group(s) 12 13 ~> **NOTE:** The aws_iam_policy_attachment resource is only meant to be used once for each managed policy. All of the users/roles/groups that a single policy is being attached to should be declared by a single aws_iam_policy_attachment resource. 14 15 ``` 16 resource "aws_iam_user" "user" { 17 name = "test-user" 18 } 19 20 resource "aws_iam_role" "role" { 21 name = "test-role" 22 } 23 24 resource "aws_iam_group" "group" { 25 name = "test-group" 26 } 27 28 resource "aws_iam_policy" "policy" { 29 name = "test-policy" 30 description = "A test policy" 31 policy = # omitted 32 } 33 34 resource "aws_iam_policy_attachment" "test-attach" { 35 name = "test-attachment" 36 users = ["{aws_iam_user.user.name}"] 37 roles = ["{aws_iam_role.role.name}"] 38 groups = ["{aws_iam_group.group.name}"] 39 policy_arn = "${aws_iam_policy.policy.arn}" 40 } 41 ``` 42 43 ## Argument Reference 44 45 The following arguments are supported: 46 47 * `name` (Required) - The name of the policy. This cannot be an empty string. 48 * `users` (Optional) - The user(s) the policy should be applied to 49 * `roles` (Optional) - The role(s) the policy should be applied to 50 * `groups` (Optional) - The group(s) the policy should be applied to 51 * `policy_arn` (Required) - The ARN of the policy you want to apply 52 53 ## Attributes Reference 54 55 The following attributes are exported: 56 57 * `id` - The policy's ID. 58 * `name` - The name of the policy.