Skip to content

Commit 3fe4008

Browse files
jamesiarmesjamesiarmes
committed
fix: Remove managed execution policy attachments.
1 parent 2446f8d commit 3fe4008

File tree

1 file changed

+1
-4
lines changed
  • tofu/modules/fargate_service

1 file changed

+1
-4
lines changed

tofu/modules/fargate_service/iam.tf

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -33,11 +33,8 @@ resource "aws_iam_role" "execution" {
3333

3434
resource "aws_iam_role_policy_attachments_exclusive" "execution" {
3535
role_name = aws_iam_role.execution.name
36-
# TODO: Create our own policy instead of using the managed ones.
3736
policy_arns = concat([
38-
# aws_iam_policy.execution.arn
39-
"arn:${data.aws_partition.current.partition}:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy",
40-
"arn:${data.aws_partition.current.partition}:iam::aws:policy/CloudWatchAgentServerPolicy"
37+
aws_iam_policy.execution.arn
4138
], var.execution_policies)
4239
}
4340

0 commit comments

Comments
 (0)