AWS IAM user

This module creates and manages an IAM user, together with an IAM access key, in an AWS account. It works in conjunction with my tofu module for IAM roles.

It provides a default set of policies allowing my Forgejo workflows to run tests and continuous integration tasks on AWS.

Usage example

module "aws_iam_user" {
  source = "git::ssh://git@git.adyxax.org/adyxax/tofu-module-aws-iam-user?depth=1&ref=1.0.0"

  assume_role_account_names = [ "core", "tests" ]
  name                      = local.name
}

Policies

The IAM user is granted the following permissions on the AWS account:

  • Assume roles in AWS sub-accounts specified by the var.assume_role_account_names list.
  • Manage the repository's own IAM access key.
  • Read the user IAM object.
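
As an added illustration (not the module's own source), a least-privilege policy matching the three permissions above could be written as follows. The `account_ids` map, the placeholder account IDs, the role naming convention (role named after the user) and the specific IAM actions chosen are assumptions; the IAM user itself is assumed to be created elsewhere.

```hcl
# Added example, not code from this module. All names and IDs are hypothetical.
variable "account_ids" {
  description = "Hypothetical map of sub-account name to AWS account ID"
  type        = map(string)
  default = {
    core  = "111111111111" # constructed placeholder
    tests = "222222222222" # constructed placeholder
  }
}

variable "assume_role_account_names" {
  type    = list(string)
  default = ["core", "tests"]
}

variable "name" {
  type    = string
  default = "example-repository" # constructed placeholder
}

data "aws_caller_identity" "current" {}

locals {
  # Scope self-management to this one user, never to "*".
  user_arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:user/${var.name}"
}

data "aws_iam_policy_document" "user" {
  statement {
    sid     = "AssumeRolesInSubAccounts"
    actions = ["sts:AssumeRole"]
    # Assumption: each sub-account holds a role named after the user.
    resources = [for n in var.assume_role_account_names : "arn:aws:iam::${var.account_ids[n]}:role/${var.name}"]
  }
  statement {
    sid       = "ManageOwnAccessKey"
    actions   = ["iam:CreateAccessKey", "iam:DeleteAccessKey", "iam:ListAccessKeys", "iam:UpdateAccessKey"]
    resources = [local.user_arn]
  }
  statement {
    sid       = "ReadOwnUser"
    actions   = ["iam:GetUser"]
    resources = [local.user_arn]
  }
}

resource "aws_iam_user_policy" "user" {
  name   = var.name
  user   = var.name # assumes the IAM user already exists under this name
  policy = data.aws_iam_policy_document.user.json
}
```

Listing explicit role ARNs in the `sts:AssumeRole` statement keeps a leaked access key from being used against roles in accounts outside the `assume_role_account_names` list.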