Merge pull request #29 from scribd/DATAPLAT-260_fix

DATAPLAT-260: fix error in role policy

Author: Maks-D

main.tf

@@ -747,10 +747,6 @@ data "aws_iam_policy_document" "glue_create" {
   }
   statement {
     effect = "Allow"
-    principals {
-      type        = "*"
-      identifiers = ["*"]
-    }
     actions   = ["sqs:ReceiveMessage"]
     resources = [aws_sqs_queue.glue_create[0].arn]
 
@@ -762,10 +758,6 @@ data "aws_iam_policy_document" "glue_create" {
   }
   statement {
     effect = "Allow"
-    principals {
-      type        = "AWS"
-      identifiers = ["*"]
-    }
     actions = [
       "sqs:SendMessage"
     ]
@@ -781,7 +773,7 @@ data "aws_iam_policy_document" "glue_create" {
 resource "aws_iam_policy" "glue_create_managed" {
   count = local.enable_glue_create ? 1 : 0
 
-  name        = var.glue_create_config.iam_police_name
+  name        = var.glue_create_config.iam_policy_name
   description = "Glue create policy allows access to Athena and S3"
   policy      = data.aws_iam_policy_document.glue_create[0].json
   tags        = var.tags

variables.tf

@@ -317,7 +317,7 @@ variable "glue_create_config" {
     sqs_queue_name        = string // name of sqs queue for glue-sync lambda
     sqs_queue_name_dl     = string // name dead letter sqs que with not processed s3 events
     iam_role_name         = string // lambda role name
-    iam_police_name       = string // lambda policy name
+    iam_policy_name       = string // lambda policy name
   })
   description = "Configuration of glue-create lambda"
 }