refactor: remove iam module

Author: rohit-ng

main.tf

@@ -169,13 +169,27 @@ module "ecs_task_security_group" {
 # ECS Execution IAM Role
 ################################################################################
 
-module "ecs_exec_role" {
-  source = "./modules/iam"
+data "aws_iam_policy_document" "assume_role_policy" {
+  statement {
+    actions = ["sts:AssumeRole"]
+    effect  = "Allow"
+
+    principals {
+      type        = local.ecs.iam.principal_type
+      identifiers = local.ecs.iam.principal_identifiers
+    }
+  }
+}
 
-  name_prefix           = local.ecs.iam.name_prefix
-  principal_type        = local.ecs.iam.principal_type
-  principal_identifiers = local.ecs.iam.principal_identifiers
-  policy_arns           = local.ecs.iam.ecs_exec_policy_arn
+resource "aws_iam_role" "ecs_exec" {
+  name_prefix        = local.ecs.iam.name_prefix
+  assume_role_policy = data.aws_iam_policy_document.assume_role_policy.json
+}
+
+resource "aws_iam_role_policy_attachment" "ecs_exec" {
+  count      = length(local.ecs.iam.ecs_exec_policy_arn)
+  role       = aws_iam_role.ecs_exec.name
+  policy_arn = element(local.ecs.iam.ecs_exec_policy_arn, count.index)
 }
 
 ################################################################################
@@ -222,9 +236,9 @@ module "ecs_kong" {
     network_mode       = local.kong.network_mode
     cpu                = var.cpu_for_kong_task
     memory             = var.memory_for_kong_task
-    task_role_arn      = module.ecs_exec_role.role_arn
-    execution_role_arn = module.ecs_exec_role.role_arn
-
+    task_role_arn      = aws_iam_role.ecs_exec.arn
+    execution_role_arn = aws_iam_role.ecs_exec.arn
+    
     container_definitions = [
       {
         name         = local.kong.name