iam

cytopia/iam/aws

Terraform Module HCL AWS

This Terraform module manages AWS IAM to its full extent.

Install
module "iam" {
  source  = "cytopia/iam/aws"
  version = "5.0.6"
}
README

Terraform module: AWS IAM

This Terraform module manages AWS IAM to its full extent. It is only required to have a single module invocation per AWS account, as this module allows the creation of unlimited resources and you will therefore have an auditable single source of truth for IAM.

Features

Completely configurable via terraform.tfvars only Ar

Inputs (17)
| Name | Type | Description | Default |
|------|------|-------------|---------|
| policies | list(object({ name = strin | A list of dictionaries defining all policies. | [] |
| users | list(object({ name = str | A list of dictionaries defining all users. | [] |
| policy_desc | string | The default description of the policy. | "Managed by Terraform" |
| tags | map(any) | Key-value mapping of tags for the IAM role or user. | {} |
| account_alias | string | Assign the account alias for the AWS Account. Unmanaged by default. Resource wil | "" |
| providers_oidc | list(object({ url | A list of dictionaries defining openid connect providers. | [] |
| roles | list(object({ name | A list of dictionaries defining all roles. | [] |
| role_path | string | The path under which to create the role. You can use a single path, or nest mult | "/" |
| role_desc | string | The description of the role. | "Managed by Terraform" |
| role_force_detach_policies | string | Specifies to force detaching any policies the role has before destroying it. | true |
| user_path | string | The path under which to create the user. You can use a single path, or nest mult | "/" |
| role_max_session_duration | string | The maximum session duration (in seconds) that you want to set for the specified | "3600" |
| account_pass_policy | object({ manage | Manages Password Policy for the AWS Account. Unmanaged by default. Resource will | { "allow_users_to_change_password": nu |
| providers_saml | list(object({ name = strin | A list of dictionaries defining saml providers. | [] |
| groups | list(object({ name | A list of dictionaries defining all groups. | [] |
| policy_path | string | The default path under which to create the policy if not specified in the polici | "/" |
| group_path | string | The path under which to create the group. You can use a single path, or nest mul | "/" |
Outputs (33)
providers_saml — Created SAML providers.
user_policy_arn_attachments — Attached user IAM policy arns
debug_var_groups — The defined groups list
debug_local_user_policy_arns — The transformed user policy arns map
debug_local_role_policy_arns — The transformed role policy arns map
account_alias — Created Account alias.
roles — Created IAM roles
debug_var_roles — The defined roles list
debug_local_user_policies — The transformed user policy map
debug_local_role_policies — The transformed role policy map
user_policy_attachments — Attached user customer managed IAM policies
role_policy_attachments — Attached role customer managed IAM policies
role_policy_arn_attachments — Attached role IAM policy arns
debug_var_policies — The transformed policy map
debug_local_group_policy_arns — The transformed group policy arns map
account_pass_policy — Created Account password policy.
group_policy_arn_attachments — Attached group IAM policy arns
debug_local_role_inline_policies — The transformed role inline policy map
groups — Created IAM groups
users — Created IAM users
debug_var_users — The defined users list
providers_oidc — Created OpenID Connect providers.
policies — Created customer managed IAM policies
group_policy_attachments — Attached group customer managed IAM policies
user_inline_policy_attachments — Attached user inline IAM policies
debug_local_group_inline_policies — The transformed group inline policy map
debug_local_user_access_keys — The transformed user access key map
user_group_memberships — Assigned user/group memberships
role_inline_policy_attachments — Attached role inline IAM policies
debug_local_policies — The transformed policy map
… and 3 more outputs
Resources (16)
aws_iam_access_key
aws_iam_account_alias
aws_iam_account_password_policy
aws_iam_group
aws_iam_group_policy
aws_iam_group_policy_attachment
aws_iam_openid_connect_provider
aws_iam_policy
aws_iam_role
aws_iam_role_policy
aws_iam_role_policy_attachment
aws_iam_saml_provider
aws_iam_user
aws_iam_user_group_membership
aws_iam_user_policy
aws_iam_user_policy_attachment
Details
Framework: Terraform Module
Language: HCL
Version: 5.0.6
Cloud: AWS
Stars: 20
Forks: 16
Total downloads: 5.9k
Inputs: 17
Outputs: 33
Resources: 16
Examples: 7
License: MIT
Namespace: cytopia
Updated