Alphabetize policy attachments by resource name

cisagov · Oct 5, 2023 · aa7fc45 · aa7fc45
1 parent f19e4aa
commit aa7fc45
Showing 1 changed file with 28 additions and 28 deletions.
diff --git a/terraform-build-user/main.tf b/terraform-build-user/main.tf
@@ -18,79 +18,79 @@ module "iam_user" {
 }
 
 # Attach 3rd party S3 bucket read-only policy from
-# cisagov/ansible-role-cdm-tanium-client to the production
-# EC2AMICreate role
-resource "aws_iam_role_policy_attachment" "thirdpartybucketread_tanium_production" {
+# cisagov/ansible-role-cdm-certificates to the production EC2AMICreate
+# role
+resource "aws_iam_role_policy_attachment" "thirdpartybucketread_certificates_production" {
   provider = aws.images-production-ami
 
-  policy_arn = data.terraform_remote_state.ansible_role_cdm_tanium_client.outputs.production_bucket_policy.arn
+  policy_arn = data.terraform_remote_state.ansible_role_cdm_certificates.outputs.production_bucket_policy.arn
   role       = module.iam_user.ec2amicreate_role_production.name
 }
 
 # Attach 3rd party S3 bucket read-only policy from
-# cisagov/ansible-role-cdm-tanium-client to the staging EC2AMICreate
+# cisagov/ansible-role-cdm-certificates to the staging EC2AMICreate
 # role
-resource "aws_iam_role_policy_attachment" "thirdpartybucketread_tanium_staging" {
+resource "aws_iam_role_policy_attachment" "thirdpartybucketread_certificates_staging" {
   provider = aws.images-staging-ami
 
-  policy_arn = data.terraform_remote_state.ansible_role_cdm_tanium_client.outputs.staging_bucket_policy.arn
+  policy_arn = data.terraform_remote_state.ansible_role_cdm_certificates.outputs.staging_bucket_policy.arn
   role       = module.iam_user.ec2amicreate_role_staging.name
 }
 
 # Attach 3rd party S3 bucket read-only policy from
-# cisagov/ansible-role-cdm-nessus-agent to the production
-# EC2AMICreate role
-resource "aws_iam_role_policy_attachment" "thirdpartybucketread_nessus_production" {
+# cisagov/ansible-role-crowdstrike to the production EC2AMICreate role
+resource "aws_iam_role_policy_attachment" "thirdpartybucketread_crowdstrike_production" {
   provider = aws.images-production-ami
 
-  policy_arn = data.terraform_remote_state.ansible_role_cdm_nessus_agent.outputs.production_bucket_policy.arn
+  policy_arn = data.terraform_remote_state.ansible_role_crowdstrike.outputs.production_bucket_policy.arn
   role       = module.iam_user.ec2amicreate_role_production.name
 }
 
 # Attach 3rd party S3 bucket read-only policy from
-# cisagov/ansible-role-cdm-nessus-agent to the staging EC2AMICreate
-# role
-resource "aws_iam_role_policy_attachment" "thirdpartybucketread_nessus_staging" {
+# cisagov/ansible-role-crowdstrike to the staging EC2AMICreate role
+resource "aws_iam_role_policy_attachment" "thirdpartybucketread_crowdstrike_staging" {
   provider = aws.images-staging-ami
 
-  policy_arn = data.terraform_remote_state.ansible_role_cdm_nessus_agent.outputs.staging_bucket_policy.arn
+  policy_arn = data.terraform_remote_state.ansible_role_crowdstrike.outputs.staging_bucket_policy.arn
   role       = module.iam_user.ec2amicreate_role_staging.name
 }
 
 # Attach 3rd party S3 bucket read-only policy from
-# cisagov/ansible-role-cdm-certificates to the production EC2AMICreate
-# role
-resource "aws_iam_role_policy_attachment" "thirdpartybucketread_certificates_production" {
+# cisagov/ansible-role-cdm-nessus-agent to the production
+# EC2AMICreate role
+resource "aws_iam_role_policy_attachment" "thirdpartybucketread_nessus_production" {
   provider = aws.images-production-ami
 
-  policy_arn = data.terraform_remote_state.ansible_role_cdm_certificates.outputs.production_bucket_policy.arn
+  policy_arn = data.terraform_remote_state.ansible_role_cdm_nessus_agent.outputs.production_bucket_policy.arn
   role       = module.iam_user.ec2amicreate_role_production.name
 }
 
 # Attach 3rd party S3 bucket read-only policy from
-# cisagov/ansible-role-cdm-certificates to the staging EC2AMICreate
+# cisagov/ansible-role-cdm-nessus-agent to the staging EC2AMICreate
 # role
-resource "aws_iam_role_policy_attachment" "thirdpartybucketread_certificates_staging" {
+resource "aws_iam_role_policy_attachment" "thirdpartybucketread_nessus_staging" {
   provider = aws.images-staging-ami
 
-  policy_arn = data.terraform_remote_state.ansible_role_cdm_certificates.outputs.staging_bucket_policy.arn
+  policy_arn = data.terraform_remote_state.ansible_role_cdm_nessus_agent.outputs.staging_bucket_policy.arn
   role       = module.iam_user.ec2amicreate_role_staging.name
 }
 
 # Attach 3rd party S3 bucket read-only policy from
-# cisagov/ansible-role-crowdstrike to the production EC2AMICreate role
-resource "aws_iam_role_policy_attachment" "thirdpartybucketread_crowdstrike_production" {
+# cisagov/ansible-role-cdm-tanium-client to the production
+# EC2AMICreate role
+resource "aws_iam_role_policy_attachment" "thirdpartybucketread_tanium_production" {
   provider = aws.images-production-ami
 
-  policy_arn = data.terraform_remote_state.ansible_role_crowdstrike.outputs.production_bucket_policy.arn
+  policy_arn = data.terraform_remote_state.ansible_role_cdm_tanium_client.outputs.production_bucket_policy.arn
   role       = module.iam_user.ec2amicreate_role_production.name
 }
 
 # Attach 3rd party S3 bucket read-only policy from
-# cisagov/ansible-role-crowdstrike to the staging EC2AMICreate role
-resource "aws_iam_role_policy_attachment" "thirdpartybucketread_crowdstrike_staging" {
+# cisagov/ansible-role-cdm-tanium-client to the staging EC2AMICreate
+# role
+resource "aws_iam_role_policy_attachment" "thirdpartybucketread_tanium_staging" {
   provider = aws.images-staging-ami
 
-  policy_arn = data.terraform_remote_state.ansible_role_crowdstrike.outputs.staging_bucket_policy.arn
+  policy_arn = data.terraform_remote_state.ansible_role_cdm_tanium_client.outputs.staging_bucket_policy.arn
   role       = module.iam_user.ec2amicreate_role_staging.name
 }