This is DAQ's Terraform Module for AWS IAM role management.
This repo provides a template for other Terraform repos to create IAM roles.

- pre-commit
  - install pre-commit
  - run `pre-commit install` locally

This module creates an IAM Role and its policy document. You need to pass your custom policy document or a list of AWS pre-defined policies to the module.
See examples.

Requirements:

| Name | Version |
|---|---|
| terraform | >= 0.13 |

Providers:

| Name | Version |
|---|---|
| aws | n/a |

Modules:

No modules.

Resources:

| Name | Type |
|---|---|
| aws_iam_policy.custom_policy | resource |
| aws_iam_policy_attachment.custom_policy_attachment | resource |
| aws_iam_role.custom_role | resource |
| aws_iam_role_policy_attachment.existing_policy_attachment | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.assume_role | data source |

Inputs:

| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| arns_assume_role | List of ARNs of IAM entities that can assume the role | `list(string)` | `[]` | no |
| existing_iam_policy_arns | List of ARNs of existing IAM policies | `list(string)` | `[]` | no |
| iam_policy_document | Custom IAM policy document | `string` | `""` | no |
| name_prefix | Name prefix for IAM role name | `string` | `""` | no |
| role_description | An optional IAM role description | `string` | `""` | no |
| role_path | An optional IAM role path | `string` | `""` | no |
| services_assume_role | List of services that can assume the role | `list(string)` | `[]` | no |

Outputs:

| Name | Description |
|---|---|
| role_arn | IAM role ARN |
| role_name | IAM role name |
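
An added usage example, not taken from this repo's examples: a role for a Lambda function, built from the inputs and outputs listed above. The module source, bucket name and name prefix are placeholders, and it assumes a custom policy document and existing policy ARNs can be passed together.

```hcl
# Added example; not this repo's own code.
# Constructed values: bucket name, name prefix, module source placeholder.

# Custom policy scoped to one bucket and to read-only actions.
data "aws_iam_policy_document" "read_reports" {
  statement {
    sid       = "ReadReportObjects"
    effect    = "Allow"
    actions   = ["s3:GetObject"]
    resources = ["arn:aws:s3:::example-reports-bucket/*"]
  }

  statement {
    sid       = "ListReportBucket"
    effect    = "Allow"
    actions   = ["s3:ListBucket"]
    resources = ["arn:aws:s3:::example-reports-bucket"]
  }
}

module "report_reader_role" {
  # Placeholder: replace with the path or Git URL of this module.
  source = "<module-source>"

  name_prefix      = "report-reader-"
  role_description = "Read-only access to the reports bucket for the report Lambda"

  # Trust policy: only the Lambda service may assume the role.
  services_assume_role = ["lambda.amazonaws.com"]

  # When another IAM entity must assume the role, list its specific ARN
  # here rather than an account root ARN. Left empty in this example.
  arns_assume_role = []

  # Custom policy, passed as a JSON string (the input type is string).
  iam_policy_document = data.aws_iam_policy_document.read_reports.json

  # AWS managed policy attached alongside the custom one
  # (assumption: the module accepts both inputs at once).
  existing_iam_policy_arns = [
    "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
  ]
}

# Re-export the module's role_arn output for use by the Lambda definition.
output "report_reader_role_arn" {
  value = module.report_reader_role.role_arn
}
```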