iam-assumed-roles

cloudposse/iam-assumed-roles/aws

Terraform Module HCL AWS

Terraform Module for Assumed Roles on AWS with IAM Groups Requiring MFA

Install
module "iam-assumed-roles" {
  source  = "cloudposse/iam-assumed-roles/aws"
  version = "0.6.0"
}
README

terraform-aws-iam-assumed-roles

Terraform module to provision two IAM roles and two IAM groups for assuming the roles provided MFA is present, and add IAM users to the groups.

- Role and group with Administrator (full) access to AWS resources
- Role and group with Readonly access to AWS resources

To give a user administrator's access, add the user to the admin group. To give a user readonly access, add the user to the readonly group.

---

This project is part of

Inputs (11)
| Name | Type | Description | Default |
|------|------|-------------|---------|
| stage | string | Stage (e.g. `prod`, `dev`, `staging`) | required |
| namespace | string | Namespace (e.g. `cp` or `cloudposse`) | required |
| attributes | list | Additional attributes (e.g. `policy` or `role`) | [] |
| readonly_name | string | Name for the readonly group and role (e.g. `readonly`) | "readonly" |
| admin_user_names | list | Optional list of IAM user names to add to the admin group | [] |
| switchrole_url | string | URL to the IAM console to switch to a role | "https://signin.aws.amazon.com/switchrol |
| enabled | string | Set to false to prevent the module from creating any resources | "true" |
| tags | map | Additional tags (e.g. map(`BusinessUnit`,`XYZ`)) | {} |
| admin_name | string | Name for the admin group and role (e.g. `admin`) | "admin" |
| readonly_user_names | list | Optional list of IAM user names to add to the readonly group | [] |
| delimiter | string | Delimiter to be used between `namespace`, `stage`, `name`, and `attributes` | "-" |

Outputs (12)
group_admin_name — Admin group name
group_readonly_id — Readonly group ID
group_readonly_name — Readonly group name
role_admin_name — Admin role name
role_readonly_arn — Readonly role ARN
role_readonly_name — Readonly role name
group_admin_id — Admin group ID
group_admin_arn — Admin group ARN
group_readonly_arn — Readonly group ARN
role_admin_arn — Admin role ARN
switchrole_admin_url — URL to the IAM console to switch to the admin role
switchrole_readonly_url — URL to the IAM console to switch to the readonly role
Resources (6)
- aws_iam_group
- aws_iam_group_membership
- aws_iam_group_policy_attachment
- aws_iam_policy
- aws_iam_role
- aws_iam_role_policy_attachment
Details
- Framework: Terraform Module
- Language: HCL
- Version: 0.6.0
- Cloud: AWS
- Stars: 35
- Forks: 30
- Total downloads: 7.1k
- Inputs: 11
- Outputs: 12
- Resources: 6
- License: Apache-2.0
- Namespace: cloudposse
Updated