These types of resources are supported:
- RAM user
- RAM user login profile
- RAM access key
- RAM account alias
- RAM account password policy
- RAM group
- RAM group membership
- RAM group policy attachment
- RAM role
- RAM role attachment
- RAM user policy attachment
| Name | Version |
|---|---|
| terraform | >= 0.13.0 |
| alicloud | >= 1.56.0 |
Create a ram user without any access permission
module "ram_user" {
source = "terraform-alicloud-modules/ram/alicloud"
name = "terraformtest1"
}Setting create_ram_user_login_profile to true can allow the ram user login the web console
module "ram_user" {
source = "terraform-alicloud-modules/ram/alicloud"
name = "terraformtest1"
create_ram_user_login_profile = true
password = "123X_xxxx"
}Setting create_ram_access_key to true can allocate a access key and secret key to the ram user
, and them will store into the default secret file secret.txt
module "ram_user" {
source = "terraform-alicloud-modules/ram/alicloud"
name = "terraformtest1"
create_ram_access_key = true
}Create a ram admin
module "ram_user" {
source = "terraform-alicloud-modules/ram/alicloud"
name = "terraformtest1"
is_admin = true
}Create a ram user with read-only permission
module "ram_user" {
source = "terraform-alicloud-modules/ram/alicloud"
name = "terraformtest1"
is_reader = true
}- ram-user module
- ram-policy module
- ram-group-with-policies module
- ram-account module
- ram-assumable-role module
- ram-assumable-roles module
- ram-group-with-assumable-roles-policy module
- ram-user example - Add RAM user, login profile and access keys.
- ram-admin example - Add RAM user with administrator previlleage, login profile and access keys.
- ram-policy example - Create Alicloud Resource Access Management (RAM) User Terraform module
- ram-group-with-policies example - Creates RAM group with specified RAM policies, and add users into a group.
- ram-account example - Manage RAM account alias and password policy.
- ram-assumable-role example - Add RAM role.
- ram-assumable-roles example - - Add RAM roles.
- ram-group-with-assumable-roles-policy example - Create RAM groups with users who are allowed to assume RAM roles.
From the version v1.3.0, the module has removed the following provider setting:
provider "alicloud" {
version = ">=1.56.0"
region = var.region != "" ? var.region : null
configuration_source = "terraform-alicloud-modules/ram"
} If you still want to use the provider setting to apply this module, you can specify a supported version, like 1.2.0:
module "ram" {
source = "terraform-alicloud-modules/ram/alicloud"
version = "1.2.0"
region = "cn-hangzhou"
profile = "Your-Profile-Name"
name = "terraformtest1"
is_reader = true
}If you want to upgrade the module to 1.3.0 or higher in-place, you can define a provider which same region with previous region:
provider "alicloud" {
region = "cn-hangzhou"
profile = "Your-Profile-Name"
}
module "ram" {
source = "terraform-alicloud-modules/ram/alicloud"
name = "terraformtest1"
is_reader = true
}or specify an alias provider with a defined region to the module using providers:
provider "alicloud" {
region = "cn-hangzhou"
profile = "Your-Profile-Name"
alias = "hz"
}
module "ram" {
source = "terraform-alicloud-modules/ram/alicloud"
providers = {
alicloud = alicloud.hz
}
name = "terraformtest2"
is_reader = true
}and then run terraform init and terraform apply to make the defined provider effect to the existing module state.
More details see How to use provider in the module
Created and maintained by Alibaba Cloud Terraform Team(terraform@alibabacloud.com)
Apache 2 Licensed. See LICENSE for full details.