policy_name

Required
Type string

Name of the access policy. Must be unique within your AWS account. Can contain alphanumeric characters, plus (+), equal (=), comma (,), period (.), at (@), underscore (_), and hyphen (-). Maximum 128 characters.

Naming Conventions

The policy name must be unique within your AWS account. It can contain only alphanumeric characters, plus (+), equal (=), comma (,), period (.), at (@), underscore (_), and hyphen (-). The name cannot exceed 128 characters.

Common Patterns

  • Role-based: {role}-policy (e.g., developer-policy)
  • Service-based: {service}-access (e.g., s3-read-access)
  • Environment-prefixed: {env}-{role}-policy (e.g., prod-admin-policy)
  • Team-based: {team}-{access-level} (e.g., data-engineering-readonly)

Best Practices

  • Use lowercase with hyphens for readability
  • Include the access scope or purpose in the name
  • Avoid generic names like policy or access
  • Consider including the service or resource type
  • Use consistent naming across your organization

Full Module Example

module "access_policy" {
  source  = "registry.patterneddesigns.ca/governance/access-policy/aws"
  version = "0.1.0"

  # policy_name
  policy_name = "..."

  # Other required inputs
}
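The naming rules above can be enforced at plan time, before a bad name reaches AWS. The following is an added example, not part of the module or its documentation: a caller-side variable whose value is then passed to the module as policy_name = var.policy_name. The variable declaration itself, the lowercase-with-hyphens rule as a hard requirement, and the list of rejected generic names are assumptions based on the Best Practices section.

```hcl
# Added example (not the module's own code): caller-side guard for policy_name.
variable "policy_name" {
  type        = string
  description = "Name of the access policy passed to the access_policy module."

  # Hard limit stated on this page: alphanumeric plus + = , . @ _ -
  # and at most 128 characters. The hyphen is last in the class so it
  # is read as a literal, not a range.
  validation {
    condition     = can(regex("^[A-Za-z0-9+=,.@_-]{1,128}$", var.policy_name))
    error_message = "The policy_name must be 1-128 characters: alphanumeric, plus, equal, comma, period, at, underscore or hyphen."
  }

  # Assumed house convention from Best Practices: lowercase words joined
  # by single hyphens. Stricter than the hard limit above; a name such as
  # "Prod_Admin" passes the first check and fails here.
  validation {
    condition     = can(regex("^[a-z0-9]+(-[a-z0-9]+)*$", var.policy_name))
    error_message = "The policy_name must be lowercase words separated by hyphens, for example prod-admin-policy."
  }

  # Assumed deny-list: names that say nothing about scope or purpose.
  validation {
    condition     = !contains(["policy", "access"], var.policy_name)
    error_message = "The policy_name is too generic. Include the role, service, environment or team."
  }
}
```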