Julien Dessaux 572358c304
fmt
2026-05-01 17:55:08 +02:00
.forgejo/workflows fmt 2026-05-01 17:55:08 +02:00
infrastructure/tofu chore(infrastructure): update git module path 2026-04-20 11:14:05 +02:00
test fmt 2026-05-01 17:55:08 +02:00
.gitignore feat(module): initial import 2025-04-11 00:14:14 +02:00
CHANGELOG.md feat(module): add default value [] to input variable assume_role_account_names 2025-04-12 09:02:02 +02:00
LICENSE feat(module): initial import 2025-04-11 00:14:14 +02:00
main.tf feat(module): add default value [] to input variable assume_role_account_names 2025-04-12 09:02:02 +02:00
main.tftest.hcl test(module): really test the generated access key 2025-04-26 18:14:37 +02:00
outputs.tf feat(module): initial import 2025-04-11 00:14:14 +02:00
providers.tf feat(module): initial import 2025-04-11 00:14:14 +02:00
README.md chore(infrastructure): update git module path 2026-04-20 11:14:05 +02:00
variables.tf feat(module): add default value [] to input variable assume_role_account_names 2025-04-12 09:02:02 +02:00

AWS IAM user

This module creates and manages an IAM user in an AWS account, together with an IAM access key for that user. It works in conjunction with my tofu module for IAM roles.

It provides a default set of policies allowing my Forgejo workflows to run tests and continuous integration tasks on AWS.

Usage example

module "aws_iam_user" {
  source = "git::ssh://git@git.adyxax.org/adyxax.org/tofu-module-aws-iam-user?depth=1&ref=1.1.0"

  assume_role_account_names = [ "core", "tests" ]
  name                      = local.name
}

Policies

The IAM user is granted the following permissions on the AWS account:

  • Assume roles in AWS sub-accounts specified by the var.assume_role_account_names list.
  • Manage the repository's own IAM access key.
  • Read the user IAM object.
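
The three permissions above, sketched as a least-privilege policy with each statement scoped to named resources. This is an added example, not the module's own main.tf; the role name `ci`, the `assume_role_accounts` map, the placeholder account IDs and the path-less user ARN are assumptions.

```hcl
# Added illustration, not the module's main.tf. The role name, the account IDs
# and the assume_role_accounts variable are assumptions; IDs are placeholders.
variable "name" {
  type = string
}

variable "assume_role_accounts" {
  type    = map(string) # hypothetical: sub-account name => account ID
  default = { core = "111111111111", tests = "222222222222" }
}

data "aws_caller_identity" "current" {}

locals {
  # Assumes the user is created without an IAM path.
  user_arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:user/${var.name}"
}

data "aws_iam_policy_document" "user" {
  # Assume one named role per listed sub-account; no wildcard on the role.
  statement {
    sid     = "AssumeRoleInSubAccounts"
    actions = ["sts:AssumeRole"]
    resources = [
      for id in values(var.assume_role_accounts) : "arn:aws:iam::${id}:role/ci"
    ]
  }

  # Manage access keys, restricted to this user's own ARN.
  statement {
    sid = "ManageOwnAccessKey"
    actions = [
      "iam:CreateAccessKey", "iam:DeleteAccessKey",
      "iam:ListAccessKeys", "iam:UpdateAccessKey",
    ]
    resources = [local.user_arn]
  }

  # Read the user object itself, nothing else in IAM.
  statement {
    sid       = "ReadOwnUser"
    actions   = ["iam:GetUser"]
    resources = [local.user_arn]
  }
}

resource "aws_iam_user_policy" "user" {
  name   = "ci" # hypothetical policy name
  user   = var.name
  policy = data.aws_iam_policy_document.user.json
}
```

The role in each sub-account must also list this user's ARN in its trust policy, otherwise the `sts:AssumeRole` call is denied.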