Import existing resource and modify

buddhikasemasinghe · March 19, 2021, 5:37am

Hi,

I am a little bit new to Terraform and I working on a POC to introduce CDK for Terraform for one of our company projects.

My requirement is to import the existing IAM Role in my stack and attach an inline policy(Which is created from my stack) to the imported IAM Role.

Is this possible in the current CDK for Terraform?.

I am looking for something like the following.

const newEcrPolicy = new IamPolicy(this, ‘test’, { policy: “”});
const existingRole = new DataAwsIamRole(’ exisiting Role’); // Hope I can import the existing to the current stack

How can I achieve the following/
existingRole.attachPolicy(newPolicy);

Thanks
Buddhika

jsteinich · March 19, 2021, 11:15pm

Absolutely.

You’re on the right track. CDK for Terraform doesn’t currently have “L2” constructs like the AWS CDK, but there are Terraform resources which allow connecting up roles and policies.
You’ll want to use IamRolePolicyAttachment which has role and policyArn properties which you can set to your existing role and the new policy.