
AWS IAM user

This module creates and manages an IAM user, together with an IAM access key, in an AWS account. It works in conjunction with my tofu module for IAM roles.

It provides a default set of policies allowing my Forgejo workflows to run tests and continuous integration tasks on AWS.

Usage example

module "aws_iam_user" {
  source = "git::ssh://git@git.adyxax.org/adyxax/tofu-module-aws-iam-user?depth=1&ref=1.0.0"

  assume_role_account_names = [ "core", "tests" ]
  name                      = local.name
}

Policies

The IAM user is granted the following permissions on the AWS account:

  • Assume roles in AWS sub-accounts specified by the var.assume_role_account_names list.
  • Manage the repository's own IAM access key.
  • Read the user IAM object.
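
As an added illustration (not this module's own code), the three permissions above could be written as a least-privilege policy document like the one below. The `account_ids` map, its placeholder account IDs and the role naming convention are assumptions made for this example.

```hcl
# Added example, not the module's code. Items marked "hypothetical" are assumptions.
variable "name" { type = string } # IAM user name, as in the usage example

variable "assume_role_account_names" {
  type    = list(string)
  default = []
}

data "aws_caller_identity" "current" {}

locals {
  # Hypothetical: account name to account id (constructed placeholder values).
  account_ids = {
    core  = "111111111111"
    tests = "222222222222"
  }
  user_arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:user/${var.name}"
}

data "aws_iam_policy_document" "user" {
  # Emitted only for a non-empty list: IAM rejects a statement with no resources.
  dynamic "statement" {
    for_each = length(var.assume_role_account_names) > 0 ? [1] : []
    content {
      sid     = "AssumeRoleInSubAccounts"
      actions = ["sts:AssumeRole"]
      resources = [
        for account in var.assume_role_account_names :
        # Hypothetical convention: the role in each sub-account is named after the user.
        "arn:aws:iam::${local.account_ids[account]}:role/${var.name}"
      ]
    }
  }

  # Key management is scoped to this user's ARN only, never to "*".
  statement {
    sid = "ManageOwnAccessKey"
    actions = [
      "iam:CreateAccessKey",
      "iam:DeleteAccessKey",
      "iam:ListAccessKeys",
      "iam:UpdateAccessKey",
    ]
    resources = [local.user_arn]
  }

  statement {
    sid       = "ReadOwnUser"
    actions   = ["iam:GetUser"]
    resources = [local.user_arn]
  }
}
```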