The kinesis-data-stream-addon module generates an AWS IAM Policy that grants permissions to publish to the given AWS Kinesis Data Streams.
The policy will be attached to the AWS IAM Role specified by var.iam_role_name, if specified.
Kinesis Data Stream ARNs must be provided, as IAM policies for Data Streams cannot use wildcards with tags or resource names.
module "kinesis_data_stream_access" {
source = "symopsio/kinesis-data-stream-addon/aws"
version = ">= 1.0.0"
environment = "prod"
stream_arns = ["arn:aws:kinesis:*:111122223333:stream/my-stream"]
iam_role_name = module.runtime_connector.sym_runtime_connector_role.name
}| Name | Version |
|---|---|
| terraform | >= 0.13.7 |
| aws | >= 3.0 |
| Name | Version |
|---|---|
| aws | >= 3.0 |
No modules.
| Name | Type |
|---|---|
| aws_iam_policy.this | resource |
| aws_iam_role_policy_attachment.attach_datastream_access | resource |
| aws_caller_identity.current | data source |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| environment | The unique name of the environment in which you are deploying this AWS IAM Policy (e.g. staging, or prod). | string |
n/a | yes |
| iam_role_name | If specified, the generated AWS IAM Policy will be attached to the AWS IAM Role identified by this value. | string |
"" |
no |
| stream_arns | List of Data Stream ARNs the Sym Runtime is allowed to publish to. | list(string) |
[] |
no |
| tags | Additional tags to apply to resources. | map(string) |
{} |
no |
| Name | Description |
|---|---|
| policy_arn | The ARN of the generated AWS IAM Policy that grants permissions to publish to the given Kinesis Data Streams. |