Consolidating the IAM role for customer connections in US and EU regions (#75)

* Consolidating the IAM role for customer connections in US and EU regions

Consolidating the IAM role for customer connections in US and EU regions

* updating IAM role permissions in main.tf

* Update main.tf

Author: hrdamani

aws_datalake/modules/iam/main.tf

@@ -23,7 +23,7 @@ data "aws_iam_policy_document" "segment_data_lake_assume_role_policy_document" {
 
     principals {
       type        = "AWS"
-      identifiers = "${var.segment_region!= "eu-west-1" ? var.segment_aws_accounts : var.segment_eu_aws_accounts}"
+      identifiers = var.segment_aws_accounts
     }
 
     effect = "Allow"

aws_datalake/modules/iam/variables.tf

@@ -9,21 +9,10 @@ variable "segment_aws_accounts" {
   type        = list(string)
 
   default = [
-    "arn:aws:iam::294048959147:role/datalakes-aws-worker",
-    "arn:aws:iam::294048959147:role/datalakes-customer-service",
-    "arn:aws:iam::294048959147:role/customer-datalakes-prod-admin",
+    "arn:aws:iam::595280932656:role/segment-datalakes-production-access",
   ]
 }
 
-variable "segment_eu_aws_accounts" {
-    description = "ARN of the EU AWS accounts used by Segment to connect to your Data Lake."
-    type        = list(string)
-  
-    default = [
-      "arn:aws:iam::595280932656:role/segment-datalakes-production-access",
-    ]
-}
-
 variable "segment_region" {
   description = "Region the Data Lake will be set up in"
   type        = string