feat(module): initial import

2025-04-10 13:01:01 +02:00 · 2025-04-10 13:01:01 +02:00 · 336e7703d6
commit 336e7703d6
8 changed files with 400 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,31 @@
+# AWS IAM role
+
+This module configures an IAM role in an AWS account. It works conjointly with
+my [tofu module for IAM
+user](https://git.adyxax.org/adyxax/tofu-module-aws-iam-user).
+
+It provides a default policy allowing my Forgejo workflows to run tests and
+continuous integration tasks on AWS.
+
+## Usage example
+
+``` hcl
+module "aws_iam_role" {
+  source = "git::ssh://git@git.adyxax.org/adyxax/tofu-module-aws-iam-role?depth=1&ref=1.0.0"
+
+  name            = local.name
+  policy_statements = jsonencode([
+    {
+      Action   = "acm:*"
+      Effect   = "Allow"
+      Resource = "*"
+    },
+  ])
+}
+```
+
+## Policies
+
+The IAM role is granted the following permissions on the AWS account:
+- Access specified by the `var.policy_statements` JSON encoded list.
+- Read the role IAM object.