HomeTerraform Moduleiam-chamber-user

iam-chamber-user

cloudposse/iam-chamber-user/aws

Terraform Module HCL AWS

Terraform module to provision a basic IAM chamber user with access to SSM parameters and KMS key to decrypt secrets, suitable for CI/CD systems (e.g. TravisCI, CircleCI, CodeFresh) or systems which are external to AWS that cannot leverage AWS IAM Instance Profiles

Install
module "iam-chamber-user" {
source = "cloudposse/iam-chamber-user/aws"
version = "0.1.7"
}
plain text: /constructs/tfmod-cloudposse-iam-chamber-user-aws/install.txt
⭐ Source on GitHub 📦 Registry page
README

![Cloud Posse](https://cloudposse.com) terraform-aws-iam-chamber-user ![Build Status](https://travis-ci.org/cloudposse/terraform-aws-iam-chamber-user) ![Latest Release](https://github.com/cloudposse/terraform-aws-iam-chamber-user/releases/latest) ![Slack Community](https://slack.cloudposse.com) Terraform module to provision a basic IAM chamber user with access to SSM parameters and KMS key to decrypt secrets, suitable for CI/CD systems (_e.g._ TravisCI, CircleCI, CodeFresh) or systems which are external to AWS that cannot leverage AWS IAM Instance Profiles. We do not recommend creating IAM users this way for any other purpose. --- This project is part of our comprehensive "SweetOps" approach towards DevOps. It's 100% Open Source and licensed under the APACHE2. Usage ``hcl module "chamber_u

Inputs (12)
NameTypeDescriptionDefault
namespacestringNamespace (e.g. `cp` or `cloudposse`) required
stagestringStage (e.g. `prod`, `dev`, `staging`) required
kms_key_arnstringARN of the KMS key which will decrypt secret strings required
namestringApplication or solution name (e.g. `app`) required
delimiterstringDelimiter to be used between `namespace`, `stage`, `name` and `attributes`"-"
tagsmapAdditional tags (e.g. map(`BusinessUnit`,`XYZ`){}
ssm_resourceslistResources to apply the actions specified in the policy[ "*" ]
pathstringPath in which to create the user"/"
attributeslistAdditional attributes (e.g. `1`)[]
ssm_actionslistActions to allow in the policy[ "ssm:GetParametersByPath", "ssm:Ge
force_destroystringDestroy even if it has non-Terraform-managed IAM access keys, login profiles or "false"
enabledstringSet to false to prevent the module from creating any resources"true"
Outputs (5)
secret_access_key — The secret access key. This will be written to the state file in plain-text
user_name — Normalized IAM user name
user_arn — The ARN assigned by AWS for the user
user_unique_id — The user unique ID assigned by AWS
access_key_id — The access key ID
Resources (1)
aws_iam_user_policy
Topics & Tags
chamberssmterraformcicdawsiamkmsterraform-moduleiam-users
Details
FrameworkTerraform Module
LanguageHCL
Version0.1.7
Cloud AWS
★ Stars9
Forks14
Total downloads6.6k
Inputs12
Outputs5
Resources1
LicenseApache-2.0
Namespacecloudposse
Updated
Similar packages
caf-enterprise-scale

Azure landing zones Terraform module

★ 952terraform
caf

Terraform supermodule for the Terraform platform engineering for Azure

★ 581terraform
lz-vending

Terraform module to deploy landing zone subscriptions (and much more) in Azure

★ 210terraform-module
label

Terraform Module to define a consistent naming convention by (namespace, stage,

★ 702terraform
Tools
⚖ Compare with another construct → 📋 View data schema