Files
dev-intel-v2/foxtrot-docs-v3/reference/terraform/runtime-cloud-iam-aws-reltio-organization-968814677163.md
Jarvis Prime 0265ec7a60 feat: confluence benchmark, pattern extractor, agent KB, UX spec
- extract-patterns.js: mines layered arch, ArgoCD appsets, cloud regions,
  CIDR allocations, naming conventions, sync waves, tech stack from code
- agent-kb.js: token-efficient JSON rendering of same doc tree
- eval-confluence-ref-questions.json: 32 reference-only benchmark questions
- wiggum-v2.sh: Ralph Wiggum loop targeting confluence baseline (77.8%)
- docs/human-ux-spec.md: BMad UX designer spec for human doc structure
- Eval results: V2 at 28.7% vs confluence 77.8% baseline
- Hub/spoke ownership now correctly extracted (95% on that question)
- Naming conventions, regions, CIDRs surfaced in system-architecture.md
2026-03-10 14:20:35 +00:00

37 KiB

Terraform: runtime/cloud-iam/aws/reltio-organization/968814677163

Requirements

Name Version
terraform >=1.3.0
aws 4.67.0

Providers

Name Version
aws 4.67.0

Modules

No modules.

Resources

Name Type
aws_iam_openid_connect_provider.gke_oidc_gcp-dev-us-6-gke resource
aws_iam_openid_connect_provider.gke_oidc_gcp-prd-as-1-state resource
aws_iam_openid_connect_provider.gke_oidc_provider_aws resource
aws_iam_policy.bitbucket_cleanup_policy resource
aws_iam_policy.cert_manager_policy_aws-dev-us-99-eks resource
aws_iam_policy.cert_manager_policy_aws-dev-us-99-state resource
aws_iam_policy.cert_manager_policy_aws-iqa-us-1-eks-ci1 resource
aws_iam_policy.cert_manager_policy_aws-iqa-us-2-eks resource
aws_iam_policy.cert_manager_policy_aws-iqa-us-2-state resource
aws_iam_policy.cert_manager_policy_aws-iqa-us-3-eks resource
aws_iam_policy.cert_manager_policy_aws-iqa-us-4-eks resource
aws_iam_policy.cert_manager_policy_aws-iqa-us-4-state resource
aws_iam_policy.cert_manager_policy_aws-prd-ap-1-eks resource
aws_iam_policy.cert_manager_policy_aws-prd-ap-1-state resource
aws_iam_policy.cert_manager_policy_aws-prd-us-1-eks resource
aws_iam_policy.cert_manager_policy_aws-prd-us-1-state resource
aws_iam_policy.cert_manager_policy_aws-prd-us-3-eks resource
aws_iam_policy.cert_manager_policy_aws-prd-us-3-state resource
aws_iam_policy.cert_manager_policy_aws-prd-us-4-eks resource
aws_iam_policy.cert_manager_policy_aws-prd-us-4-state resource
aws_iam_policy.dataplane_poweruser resource
aws_iam_policy.dataplane_readonly resource
aws_iam_policy.external_dns_policy_aws-dev-us-99-eks resource
aws_iam_policy.external_dns_policy_aws-dev-us-99-state resource
aws_iam_policy.external_dns_policy_aws-iqa-us-1-eks-ci1 resource
aws_iam_policy.external_dns_policy_aws-iqa-us-2-eks resource
aws_iam_policy.external_dns_policy_aws-iqa-us-2-state resource
aws_iam_policy.external_dns_policy_aws-iqa-us-3-eks resource
aws_iam_policy.external_dns_policy_aws-iqa-us-4-eks resource
aws_iam_policy.external_dns_policy_aws-iqa-us-4-state resource
aws_iam_policy.external_dns_policy_aws-prd-ap-1-eks resource
aws_iam_policy.external_dns_policy_aws-prd-ap-1-state resource
aws_iam_policy.external_dns_policy_aws-prd-us-1-eks resource
aws_iam_policy.external_dns_policy_aws-prd-us-1-state resource
aws_iam_policy.external_dns_policy_aws-prd-us-3-eks resource
aws_iam_policy.external_dns_policy_aws-prd-us-3-state resource
aws_iam_policy.external_dns_policy_aws-prd-us-4-eks resource
aws_iam_policy.external_dns_policy_aws-prd-us-4-state resource
aws_iam_policy.nb_sync resource
aws_iam_policy.vpc_attach_sync resource
aws_iam_role.Grafana-WAF-Dashboard-kinesisFirehoseRole-dkVFruugcL1T resource
aws_iam_role.Grafana-WAF-Dashboard-waflogsGlueCrawlerRole-c6O6nQn69NZ3 resource
aws_iam_role.Powlos-SecurityAudit-Role resource
aws_iam_role.Zilla-Delete-Role-StackSet resource
aws_iam_role.bitbucket_cleanup_role resource
aws_iam_role.britive_integration_role resource
aws_iam_role.cert_manager resource
aws_iam_role.cert_manager_gcp_prd_as_1_gke resource
aws_iam_role.cert_manager_gcp_prd_as_1_state resource
aws_iam_role.cert_manager_role_aws-dev-us-99-eks resource
aws_iam_role.cert_manager_role_aws-dev-us-99-state resource
aws_iam_role.cert_manager_role_aws-iqa-us-1-eks-ci1 resource
aws_iam_role.cert_manager_role_aws-iqa-us-2-eks resource
aws_iam_role.cert_manager_role_aws-iqa-us-2-state resource
aws_iam_role.cert_manager_role_aws-iqa-us-3-eks resource
aws_iam_role.cert_manager_role_aws-iqa-us-4-eks resource
aws_iam_role.cert_manager_role_aws-iqa-us-4-state resource
aws_iam_role.cert_manager_role_aws-prd-ap-1-eks resource
aws_iam_role.cert_manager_role_aws-prd-ap-1-state resource
aws_iam_role.cert_manager_role_aws-prd-us-1-eks resource
aws_iam_role.cert_manager_role_aws-prd-us-1-state resource
aws_iam_role.cert_manager_role_aws-prd-us-3-eks resource
aws_iam_role.cert_manager_role_aws-prd-us-3-state resource
aws_iam_role.cert_manager_role_aws-prd-us-4-eks resource
aws_iam_role.cert_manager_role_aws-prd-us-4-state resource
aws_iam_role.crossplane_compute_control_sa resource
aws_iam_role.dns-manager resource
aws_iam_role.external-dns-cross-accounts-role resource
aws_iam_role.external_dns_role_aws-dev-us-99-eks resource
aws_iam_role.external_dns_role_aws-dev-us-99-state resource
aws_iam_role.external_dns_role_aws-iqa-us-1-eks-ci1 resource
aws_iam_role.external_dns_role_aws-iqa-us-2-eks resource
aws_iam_role.external_dns_role_aws-iqa-us-2-state resource
aws_iam_role.external_dns_role_aws-iqa-us-3-eks resource
aws_iam_role.external_dns_role_aws-iqa-us-4-eks resource
aws_iam_role.external_dns_role_aws-iqa-us-4-state resource
aws_iam_role.external_dns_role_aws-prd-ap-1-eks resource
aws_iam_role.external_dns_role_aws-prd-ap-1-state resource
aws_iam_role.external_dns_role_aws-prd-us-1-eks resource
aws_iam_role.external_dns_role_aws-prd-us-1-state resource
aws_iam_role.external_dns_role_aws-prd-us-3-eks resource
aws_iam_role.external_dns_role_aws-prd-us-3-state resource
aws_iam_role.external_dns_role_aws-prd-us-4-eks resource
aws_iam_role.external_dns_role_aws-prd-us-4-state resource
aws_iam_role.gke-external-dns-demo resource
aws_iam_role.gke_compute_control_external_dns resource
aws_iam_role.gke_external_dns_role_gcp-dev-us-6-gke resource
aws_iam_role.gke_external_dns_role_gcp-prd-as-1-gke resource
aws_iam_role.gke_external_dns_role_gcp-prd-as-1-state resource
aws_iam_role.nb_sync_role resource
aws_iam_role.prisma_remediation_role resource
aws_iam_role.route-53-controlplane-access-role resource
aws_iam_role.sessionmanager resource
aws_iam_role.team_dataplane_admin resource
aws_iam_role.team_dataplane_poweruser resource
aws_iam_role.team_dataplane_readonly resource
aws_iam_role.team_devops resource
aws_iam_role.team_devops_contractors resource
aws_iam_role.team_eng_cloudinterfaces resource
aws_iam_role.team_eng_cloudops resource
aws_iam_role.team_eng_consistency resource
aws_iam_role.team_eng_console resource
aws_iam_role.team_eng_continuousintegration resource
aws_iam_role.team_eng_dataloader resource
aws_iam_role.team_eng_dataunification resource
aws_iam_role.team_eng_db resource
aws_iam_role.team_infosec resource
aws_iam_role.team_qa resource
aws_iam_role.test-cluster-1001-eks-cluster-mv2h6-dns-role resource
aws_iam_role.test-role resource
aws_iam_role.vpc-flow-logs-968814677163-vpc-08bd99b1f924f9c51 resource
aws_iam_role.vpc_attach_sync_role resource
aws_iam_role_policy.Grafana-WAF-Dashboard-kinesisFirehoseRole-dkVFruugcL1T_AllowS3Access resource
aws_iam_role_policy.Grafana-WAF-Dashboard-kinesisFirehoseRole-dkVFruugcL1T_cloudwatch-logs-access resource
aws_iam_role_policy.Grafana-WAF-Dashboard-waflogsGlueCrawlerRole-c6O6nQn69NZ3_WAF-GlueCrawlerRolePolicy resource
aws_iam_role_policy.Powlos-SecurityAudit-Role_UserAccessManagementPolicy resource
aws_iam_role_policy.Zilla-Delete-Role-StackSet_RoleManagementPolicy resource
aws_iam_role_policy.cert_manager_route53 resource
aws_iam_role_policy.cert_manager_route53_gcp_prd_as_1_gke resource
aws_iam_role_policy.cert_manager_route53_gcp_prd_as_1_state resource
aws_iam_role_policy.cross_account_assume_role_remediation resource
aws_iam_role_policy.gke-external-dns-demo_gke-external-dns-policy-route53 resource
aws_iam_role_policy.gke_compute_control_external_dns_policy_route53 resource
aws_iam_role_policy.gke_external_dns_route53_policy_gcp-dev-us-6-gke resource
aws_iam_role_policy.gke_external_dns_route53_policy_gcp-prd-as-1-gke resource
aws_iam_role_policy.gke_external_dns_route53_policy_gcp-prd-as-1-state resource
aws_iam_role_policy.prisma_remediation_policy resource
aws_iam_role_policy.prisma_secret_manager_policy resource
aws_iam_role_policy.sqs_prisma_remediation_policy resource
aws_iam_role_policy_attachment.Grafana-WAF-Dashboard-waflogsGlueCrawlerRole-c6O6nQn69NZ3_AWSGlueServiceRole resource
aws_iam_role_policy_attachment.Powlos-SecurityAudit-Role_SecurityAudit resource
aws_iam_role_policy_attachment.bitbucket_cleanup_attachment resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-dev-us-99-eks resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-dev-us-99-state resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-iqa-us-1-eks-ci1 resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-iqa-us-2-eks resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-iqa-us-2-state resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-iqa-us-3-eks resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-iqa-us-4-eks resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-iqa-us-4-state resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-prd-ap-1-eks resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-prd-ap-1-state resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-prd-us-1-eks resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-prd-us-1-state resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-prd-us-3-eks resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-prd-us-3-state resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-prd-us-4-eks resource
aws_iam_role_policy_attachment.cert_manager_policy_attachment_aws-prd-us-4-state resource
aws_iam_role_policy_attachment.crossplane_compute_control_sa_managed_policies resource
aws_iam_role_policy_attachment.dataplane_poweruser resource
aws_iam_role_policy_attachment.dns-manager_cert-manager-route53-policy resource
aws_iam_role_policy_attachment.external-dns-cross-accounts-role_route53-read-write resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-dev-us-99-eks resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-dev-us-99-state resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-iqa-us-1-eks-ci1 resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-iqa-us-2-eks resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-iqa-us-2-state resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-iqa-us-3-eks resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-iqa-us-4-eks resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-iqa-us-4-state resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-prd-ap-1-eks resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-prd-ap-1-state resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-prd-us-1-eks resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-prd-us-1-state resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-prd-us-3-eks resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-prd-us-3-state resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-prd-us-4-eks resource
aws_iam_role_policy_attachment.external_dns_policy_attachment_aws-prd-us-4-state resource
aws_iam_role_policy_attachment.lambda_sqsexecution_role resource
aws_iam_role_policy_attachment.nb_sync resource
aws_iam_role_policy_attachment.route-53-controlplane-access-role_Route53STSAccess resource
aws_iam_role_policy_attachment.route-53-controlplane-access-role_cert-manager-route53-policy resource
aws_iam_role_policy_attachment.route-53-controlplane-access-role_route53-read-write resource
aws_iam_role_policy_attachment.sessionmanager_AmazonSSMManagedInstanceCore resource
aws_iam_role_policy_attachment.team_eng_cloudinterfaces_ec2_read_only resource
aws_iam_role_policy_attachment.team_eng_cloudinterfaces_ssm_only resource
aws_iam_role_policy_attachment.team_eng_cloudops_ec2_read_only resource
aws_iam_role_policy_attachment.team_eng_cloudops_ssm_only resource
aws_iam_role_policy_attachment.team_eng_consistency_ec2_read_only resource
aws_iam_role_policy_attachment.team_eng_consistency_ssm_only resource
aws_iam_role_policy_attachment.team_eng_console_ec2_read_only resource
aws_iam_role_policy_attachment.team_eng_console_ssm_only resource
aws_iam_role_policy_attachment.team_eng_continuousintegration_ec2_read_only resource
aws_iam_role_policy_attachment.team_eng_continuousintegration_ssm_only resource
aws_iam_role_policy_attachment.team_eng_dataloader_ec2_read_only resource
aws_iam_role_policy_attachment.team_eng_dataloader_ssm_only resource
aws_iam_role_policy_attachment.team_eng_dataunification_ec2_read_only resource
aws_iam_role_policy_attachment.team_eng_dataunification_ssm_only resource
aws_iam_role_policy_attachment.team_eng_db_ec2_read_only resource
aws_iam_role_policy_attachment.team_eng_db_ssm_only resource
aws_iam_role_policy_attachment.team_qa_ec2_read_only resource
aws_iam_role_policy_attachment.team_qa_ssm_only resource
aws_iam_role_policy_attachment.test-cluster-1001-eks-cluster-mv2h6-dns-role_cert-manager-route53-policy resource
aws_iam_role_policy_attachment.vpc-flow-logs-968814677163-vpc-08bd99b1f924f9c51_vpc-flow-logs-968814677163-vpc-08bd99b1f924f9c51 resource
aws_iam_role_policy_attachment.vpc_attach_sync resource
aws_iam_saml_provider.britive resource
aws_caller_identity.current data source
aws_iam_openid_connect_provider.bitbucket data source
aws_iam_openid_connect_provider.gke data source
aws_iam_openid_connect_provider.gke_gcp_prd_as_1_gke data source
aws_iam_openid_connect_provider.gke_gcp_prd_as_1_state data source
aws_iam_openid_connect_provider.gke_oidc_gcp-prd-as-1-gke data source
aws_iam_policy.admin data source
aws_iam_policy.iam_ro data source
aws_iam_policy.org_ro data source
aws_iam_policy.support data source
aws_iam_policy.view_only data source
aws_iam_policy_document.britive_assume_role_policy data source
aws_route53_zone.domains data source

Inputs

Name Description Type Default Required
bitbucket_repository Bitbucket repository name string "compute-runtime" no
bitbucket_workspace Bitbucket workspace name string "reltio-ondemand" no
bitbucket_workspace_uuid Bitbucket workspace UUID string "0e2acc7d-8be9-4c4b-9ecd-5e821b7c5c4e" no
dns_domains DNS domains to allow cleanup operations on list(string)
[
"internal.reltio.com",
"cloud.reltio.com"
]
no

Outputs

Name Description
cert_manager_role_arn ARN of the cert-manager IAM role
cert_manager_role_arn_gcp_prd_as_1_gke ARN of the cert-manager IAM role
cert_manager_role_arn_gcp_prd_as_1_state ARN of the cert-manager IAM role
gke_external_dns_role_arn_gcp-dev-us-6-gke ARN of the AWS IAM role for external-dns
gke_external_dns_role_arn_gcp-prd-as-1-gke ARN of the AWS IAM role for external-dns
gke_external_dns_role_arn_gcp-prd-as-1-state ARN of the AWS IAM role for external-dns
gke_oidc_provider_arn_gcp-dev-us-6-gke ARN of the AWS OIDC provider for the GKE cluster
gke_oidc_provider_arn_gcp-prd-as-1-gke ARN of the AWS OIDC provider for the GKE cluster
gke_oidc_provider_arn_gcp-prd-as-1-state ARN of the AWS OIDC provider for the GKE cluster