tofu-module-aws-iam-role/README.md
2025-04-12 07:44:59 +02:00

# AWS IAM role
This module configures an IAM role in an AWS account. It works in conjunction
with my [tofu module for IAM users](https://git.adyxax.org/adyxax/tofu-module-aws-iam-user).
It provides a default policy allowing my Forgejo workflows to run tests and
continuous integration tasks on AWS.
## Usage example
``` hcl
module "aws_iam_role" {
  source = "git::ssh://git@git.adyxax.org/adyxax/tofu-module-aws-iam-role?depth=1&ref=1.1.0"
  name   = local.name
  policy_statements = jsonencode([
    {
      Action   = "acm:*"
      Effect   = "Allow"
      Resource = "*"
    },
  ])
}
```
## Policies
The IAM role is granted the following permissions on the AWS account:
- Access specified by the JSON-encoded list in `var.policy_statements`.
- Read access to the role's own IAM object.