Skip to content

Resource: awsIamGroupPolicyAttachment

Attaches a Managed IAM Policy to an IAM group

\~> NOTE: The usage of this resource conflicts with the awsIamPolicyAttachment resource and will permanently show a difference if both are defined.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsIamGroupGroup = new aws.iamGroup.IamGroup(this, "group", {
  name: "test-group",
});
const awsIamPolicyPolicy = new aws.iamPolicy.IamPolicy(this, "policy", {
  description: "A test policy",
  name: "test-policy",
  policy: "{ ... policy JSON ... }",
});
new aws.iamGroupPolicyAttachment.IamGroupPolicyAttachment(this, "test-attach", {
  group: awsIamGroupGroup.name,
  policyArn: awsIamPolicyPolicy.arn,
});

Argument Reference

The following arguments are supported:

  • group (Required) - The group the policy should be applied to
  • policyArn (Required) - The ARN of the policy you want to apply

Attributes Reference

No additional attributes are exported.

Import

IAM group policy attachments can be imported using the group name and policy arn separated by /.

$ terraform import aws_iam_group_policy_attachment.test-attach test-group/arn:aws:iam::xxxxxxxxxxxx:policy/test-policy