Defined permissionsboundary for resources

terraform-modules/cur-setup-source/main.tf

@@ -216,9 +216,10 @@ data "aws_iam_policy_document" "replication" {
 }
 
 resource "aws_iam_role" "replication" {
-  name_prefix        = "${var.resource_prefix}-replication"
-  path               = "/${var.resource_prefix}/"
-  assume_role_policy = data.aws_iam_policy_document.s3_assume_role.json
+  name_prefix          = "${var.resource_prefix}-replication"
+  path                 = "/${var.resource_prefix}/"
+  permissions_boundary = var.permissionsboundary_arn
+  assume_role_policy   = data.aws_iam_policy_document.s3_assume_role.json
   inline_policy {
     name   = "S3Replication"
     policy = data.aws_iam_policy_document.replication.json