terraform-aws-identitystore

This module handles creation of AWS SSO identity groups and users.

Primary language: HCL. License: MIT.

Usage

module "aws_identitystore" {
  # Pin the module to a tag so that changes to identities are reviewed explicitly.
  source = "git::https://github.com/avlcloudtechnologies/terraform-aws-config.git?ref=v0.1.0"

  # Groups to create in the identity store, keyed by group name.
  sso_groups = {
    admins = {
      description = "Group with Administrator access to all accounts excluding Management account"
    },
    developers = {
      description = "Group for developers"
    }
  }

  # Users to create; each entry in sso_groups must match a key of the sso_groups map above.
  sso_users = {
    jane = {
      display_name = "Jane Doe"
      given_name   = "Jane"
      family_name  = "Doe"
      sso_groups   = ["admins"]
    },
    john = {
      display_name = "John Doe"
      given_name   = "John"
      family_name  = "Doe"
      sso_groups   = ["developers"]
    }
  }
}

Requirements

Name Version
terraform >= 1.3.0
aws ~> 4.33

Providers

Name Version
aws ~> 4.33

Modules

No modules.

Resources

Name Type
aws_identitystore_group.this resource
aws_identitystore_group_membership.this resource
aws_identitystore_user.this resource
aws_ssoadmin_instances.this data source

Inputs

sso_groups
  Description: A map of AWS SSO groups
  Type:
    map(object({
      description = optional(string)
    }))
  Default: n/a
  Required: yes

sso_users
  Description: A map of AWS SSO users
  Type:
    map(object({
      display_name       = string
      given_name         = string
      family_name        = string
      sso_groups         = list(string)
      locale             = optional(string)
      nickname           = optional(string)
      preferred_language = optional(string)
      profile_url        = optional(string)
      timezone           = optional(string)
      title              = optional(string)
      user_type          = optional(string)
      emails = optional(list(object({
        value   = optional(string)
        primary = optional(bool, true)
        type    = optional(string)
      })), []),
      addresses = optional(list(object({
        country        = optional(string)
        formatted      = optional(string)
        locality       = optional(string)
        postal_code    = optional(string)
        primary        = optional(bool, true)
        region         = optional(string)
        street_address = optional(string)
        type           = optional(string)
      })), []),
      phone_numbers = optional(list(object({
        value   = optional(string)
        primary = optional(bool, true)
        type    = optional(string)
      })), [])
    }))
  Default: n/a
  Required: yes

Outputs

Name Description
groups All attributes of the newly created AWS SSO groups in the identity store.
users All attributes of the newly created AWS SSO users in the identity store.
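
The resources listed above create groups, users and memberships only; a group such as admins grants no account access until it is assigned a permission set. The following is an added example, not code from this module or its authors, that assigns a permission set to the admins group in every member account except the management account. It assumes that the groups output is a map keyed by the sso_groups keys whose values expose group_id, and that a permission set named AdministratorAccess (a hypothetical name) already exists.

```hcl
# Added example, not part of the module.
# Assumption: module.aws_identitystore.groups is a map keyed by the sso_groups
# keys, and each value exposes the group's `group_id`.

data "aws_ssoadmin_instances" "this" {}

data "aws_organizations_organization" "this" {}

locals {
  sso_instance_arn = tolist(data.aws_ssoadmin_instances.this.arns)[0]
  management_id    = data.aws_organizations_organization.this.master_account_id

  # Every active account in the organization except the management account.
  member_account_ids = toset([
    for account in data.aws_organizations_organization.this.accounts :
    account.id
    if account.id != local.management_id && account.status == "ACTIVE"
  ])
}

# Hypothetical permission set name; it must already exist in IAM Identity Center.
data "aws_ssoadmin_permission_set" "admin" {
  instance_arn = local.sso_instance_arn
  name         = "AdministratorAccess"
}

# One assignment per member account; the management account is never a target.
resource "aws_ssoadmin_account_assignment" "admins" {
  for_each = local.member_account_ids

  instance_arn       = local.sso_instance_arn
  permission_set_arn = data.aws_ssoadmin_permission_set.admin.arn

  principal_type = "GROUP"
  principal_id   = module.aws_identitystore.groups["admins"].group_id

  target_type = "AWS_ACCOUNT"
  target_id   = each.value
}
```

Assigning by group rather than by user keeps access changes confined to the sso_groups lists in sso_users, where they are visible in review.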