Julien Dessaux 959edc9d00
All checks were successful
main / test (push) Successful in 1m47s
chore(infrastructure): bootstrap CI
2025-04-12 09:02:04 +02:00
.forgejo/workflows chore(infrastructure): bootstrap CI 2025-04-12 09:02:04 +02:00
infrastructure/tofu chore(infrastructure): bootstrap CI 2025-04-12 09:02:04 +02:00
.gitignore feat(module): initial import 2025-04-11 00:14:14 +02:00
CHANGELOG.md feat(module): add default value [] to input variable assume_role_account_names 2025-04-12 09:02:02 +02:00
LICENSE feat(module): initial import 2025-04-11 00:14:14 +02:00
main.tf feat(module): add default value [] to input variable assume_role_account_names 2025-04-12 09:02:02 +02:00
main.tftest.hcl chore(infrastructure): bootstrap CI 2025-04-12 09:02:04 +02:00
outputs.tf feat(module): initial import 2025-04-11 00:14:14 +02:00
providers.tf feat(module): initial import 2025-04-11 00:14:14 +02:00
README.md feat(module): initial import 2025-04-11 00:14:14 +02:00
variables.tf feat(module): add default value [] to input variable assume_role_account_names 2025-04-12 09:02:02 +02:00

AWS IAM user

This module creates and manages an IAM user, together with an IAM access key, in an AWS account. It is designed to work together with my tofu module for IAM roles.

It provides a default set of policies allowing my Forgejo workflows to run tests and continuous integration tasks on AWS.

Usage example

module "aws_iam_user" {
  source = "git::ssh://git@git.adyxax.org/adyxax/tofu-module-aws-iam-user?depth=1&ref=1.0.0"

  assume_role_account_names = [ "core", "tests" ]
  name                      = local.name
}

Policies

The IAM user is granted the following permissions on the AWS account:

  • Assume roles in AWS sub-accounts specified by the var.assume_role_account_names list.
  • Manage the repository's own IAM access key.
  • Read the user IAM object.
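
As an added illustration (not this module's own main.tf), the three permissions above could be written as a least-privilege inline policy like the following. The variables account_ids and role_name, the statement sids, the policy name and the exact list of access key actions are assumptions made for this sketch.

```hcl
# Added illustration, not the module's main.tf. Assumed names: var.account_ids,
# var.role_name, the statement sids and the inline policy name.
variable "name" { type = string }
variable "assume_role_account_names" {
  type    = list(string)
  default = []
}
variable "account_ids" { type = map(string) } # assumed: account name => account id
variable "role_name" { type = string }        # assumed: role assumed in each sub-account

data "aws_caller_identity" "current" {}

locals {
  # Assumes the user is created with the default path "/".
  user_arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:user/${var.name}"
}

data "aws_iam_policy_document" "user" {
  # Only the listed sub-accounts are reachable. With the default [] the
  # statement is omitted, because IAM rejects a statement without resources.
  dynamic "statement" {
    for_each = length(var.assume_role_account_names) > 0 ? [1] : []
    content {
      sid     = "AssumeRoles"
      actions = ["sts:AssumeRole"]
      resources = [
        for account in var.assume_role_account_names :
        "arn:aws:iam::${var.account_ids[account]}:role/${var.role_name}"
      ]
    }
  }
  # Access key management is scoped to this user's ARN, never "*".
  statement {
    sid       = "ManageOwnAccessKey"
    actions   = ["iam:CreateAccessKey", "iam:DeleteAccessKey", "iam:ListAccessKeys", "iam:UpdateAccessKey"]
    resources = [local.user_arn]
  }
  statement {
    sid       = "ReadOwnUser"
    actions   = ["iam:GetUser"]
    resources = [local.user_arn]
  }
}

resource "aws_iam_user_policy" "user" {
  name   = "ci" # assumed policy name
  user   = var.name
  policy = data.aws_iam_policy_document.user.json
}
```

The sts:AssumeRole statement only takes effect if the trust policy of each target role also names this user as a principal.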