Merge pull request #8 from hove-io/ahi-update-ec2

feat: update policy for ec2 image builder

Author: ahattouti-canaltp

modules/runners/policies-runner.tf

@@ -61,4 +61,11 @@ resource "aws_iam_role_policy" "ec2" {
   policy = templatefile("${path.module}/policies/instance-ec2.json", {})
 }
 
+resource "aws_iam_role_policy" "ec2_image_builder" {
+  name   = "ec2-image-builder"
+  role   = aws_iam_role.runner.name
+  policy = templatefile("${path.module}/policies/instance-ec2-image-builder.json", {})
+}
+
+
 // see also logging.tf for logging and metrics policies

modules/runners/policies/instance-ec2-image-builder.json

@@ -0,0 +1,10 @@
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": "imagebuilder:StartImagePipelineExecution ",
+      "Resource": "*"
+    }
+  ]
+}