License

AWS Workload Account Automation Setup

This repo contains a Terraform module that is part of the tooling to provision access for automation (CI/CD) tools to a project team's accounts within an AWS Landing Zone.

This module is used in conjunction with other modules that provide other "layers" to project accounts within a landing zone. The modules are orchestrated using a terragrunt configuration that is contained in a private repository.

Third-Party Products/Libraries used and the licenses they are covered by

HashiCorp Terraform - License: MPL 2.0

Project Status

  • Development
  • Production/Maintenance

How To Use

Note: This module is intended to be used by another "root" module, or as part of a terragrunt "stack" rather than on its own. It doesn't do much on its own.

Requirements

Name Version
aws ~> 4.0

Providers

Name Version
aws.iam-security-account ~> 4.0

Modules

Name Source Version
lz_info github.com/BCDevOps/terraform-aws-sea-organization-info n/a

Resources

Name Type
aws_iam_access_key.project_user_access_key resource
aws_iam_access_key.terraform_automation_project_user_access_key resource
aws_iam_user.project_user resource
aws_iam_user.terraform_automation_project_user resource

Inputs

Name Description Type Default Required
automation_role_name The role used for executing automation commands in the environment. string "OrganizationAccountAccessRole" no
iam_security_account_name IAM Security Account Name string "iam-security" no
project_config project.json config. any n/a yes
project_name Project prefix (aka license plate). any n/a yes
project_service_accounts A list of names for addtional custom iam user service accounts. list(string) n/a yes

Outputs

Name Description
access_key_id module outputs should be defined and documented here.
project_sa_access_keys n/a
secret_access_key n/a

Getting Help or Reporting an Issue

To report bugs/issues/feature requests, please file an issue.

How to Contribute

If you would like to contribute, please see our CONTRIBUTING guidelines.

Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.

License

Copyright 2018 Province of British Columbia

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

   http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.