AWS Identity and Access Management Role (IAM Role) Terraform Module
Terraform module to provision an IAM Role on AWS.
Usage
Setup
Create an IAM Role.
```hcl
module "example_role" {
  source      = "app.terraform.io/ncodelibrary/iam-role/aws"
  version     = "0.1.3"
  description = "Example IAM Role"

  iam_policies_to_attach = [
    "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role",
    "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"
  ]

  aws_service_principal = "ec2.amazonaws.com"
  identifier            = "example-role"

  tags = {
    Owner       = "sysops"
    env         = "dev"
    Cost_Center = "XYZ"
  }
}
```
Examples
Here are some working examples of using this module:
Requirements
Name | Version |
---|---|
terraform | >= 0.12 |
Providers
Name | Version |
---|---|
aws | n/a |
Modules
No Modules.
Resources
Name |
---|
aws_caller_identity |
aws_iam_instance_profile |
aws_iam_policy_document |
aws_iam_role |
aws_iam_role_policy_attachment |
aws_partition |
Inputs
Name | Description | Type | Default | Required |
---|---|---|---|---|
append_workspace | Appends the terraform workspace at the end of resource names, | bool | true | no |
aws_service_principal | The service principal allowed to assume this role. Example: ‘ec2.amazonaws.com’. Not needed if using OIDC | string | "" | no |
description | Description for the IAM role | string | "Created by terraform" | no |
iam_policies_to_attach | List of ARNs of IAM policies to attach | list(string) | [] | no |
identifier | Name for the resources | string | n/a | yes |
oidc_fully_qualified_subjects | The fully qualified OIDC subjects to be added to the role policy | set(string) | [] | no |
provider_urls | List of URLs of the OIDC Providers | list(string) | [] | no |
tags | Tags to be applied to the resource | map | {} | no |
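The OIDC inputs in the table above can take the place of `aws_service_principal` when the role is assumed through a federated identity provider. The following is an added example, not taken from the module's own documentation: the EKS cluster name, namespace, service account and role identifier are constructed, and it assumes the module builds the role's trust policy conditions from `provider_urls` and `oidc_fully_qualified_subjects`.

```hcl
# Added example, not part of the module's documentation.
# Constructed values: cluster name, namespace, service account, identifier.

data "aws_eks_cluster" "example" {
  name = "example-cluster" # constructed cluster name
}

module "example_oidc_role" {
  source  = "app.terraform.io/ncodelibrary/iam-role/aws"
  version = "0.1.3"

  identifier  = "example-oidc-role"
  description = "Example IAM Role assumed through OIDC"

  # aws_service_principal keeps its default ("") because the inputs table
  # states it is not needed when using OIDC.

  # Issuer URL of the cluster's OIDC provider. Whether the module expects
  # the value with or without the https:// scheme is not stated on the page;
  # confirm against the module source before applying.
  provider_urls = [data.aws_eks_cluster.example.identity[0].oidc[0].issuer]

  # Pin the trust to one fully qualified subject rather than a pattern, so
  # only this Kubernetes service account can assume the role.
  oidc_fully_qualified_subjects = [
    "system:serviceaccount:example-ns:example-sa",
  ]

  # Attach only the managed policies this workload needs.
  iam_policies_to_attach = [
    "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess",
  ]

  tags = {
    Owner = "sysops"
    env   = "dev"
  }
}
```

After `terraform plan`, review the generated assume-role policy document and confirm that its subject condition lists exactly the subjects given here.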
Outputs
Name | Description |
---|---|
output | n/a |
Contributing
If you want to contribute to this repository check all the guidelines specified here before submitting a new PR.