evairmarinho/terraform-aws-iam-users-groups

Introduction

  • This Terraform module creates IAM users and, optionally, IAM groups dynamically in the AWS cloud.

Permissions

  • Create a policy with the content below and attach it to an EC2 IAM role or IAM user. These permissions are required for the module to work correctly!

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "",
            "Effect": "Allow",
            "Action": [
                "iam:CreateGroup",
                "iam:AddUserToGroup",
                "iam:RemoveUserFromGroup",
                "iam:DeleteGroup",
                "iam:ListGroupsForUser",
                "iam:UpdateGroup",
                "iam:DeleteUser",
                "iam:GetUser",
                "iam:CreateUser",
                "iam:GetGroup"
            ],
            "Resource": "*"
        }
    ]
}
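
With "Resource": "*", every action in the policy above applies to all IAM users and groups in the account. The following is an added example, not part of the module or its documentation, that grants the same ten actions only on the users and groups this configuration manages. It assumes the names from the Usage section, the path "/" and the standard "aws" partition; the policy name and the local names are illustrative.

```hcl
# Added example, not the module's own code. Names marked "assumption" are illustrative.
data "aws_caller_identity" "current" {}

locals {
  account_id = data.aws_caller_identity.current.account_id

  # Assumption: the users and groups from the Usage section, all under path "/".
  managed_users  = ["evair.marinho", "joao.sousa"]
  managed_groups = ["DevOps", "Billing"]
}

data "aws_iam_policy_document" "iam_users_groups" {
  # Actions that IAM authorizes against a user ARN.
  statement {
    sid    = "ManagedUsers"
    effect = "Allow"
    actions = [
      "iam:CreateUser",
      "iam:GetUser",
      "iam:DeleteUser",
      "iam:ListGroupsForUser",
    ]
    resources = [
      for u in local.managed_users : "arn:aws:iam::${local.account_id}:user/${u}"
    ]
  }

  # Actions that IAM authorizes against a group ARN (membership changes included).
  statement {
    sid    = "ManagedGroups"
    effect = "Allow"
    actions = [
      "iam:CreateGroup",
      "iam:GetGroup",
      "iam:UpdateGroup",
      "iam:DeleteGroup",
      "iam:AddUserToGroup",
      "iam:RemoveUserFromGroup",
    ]
    resources = [
      for g in local.managed_groups : "arn:aws:iam::${local.account_id}:group/${g}"
    ]
  }
}

resource "aws_iam_policy" "iam_users_groups" {
  name   = "terraform-iam-users-groups" # assumption: any policy name works
  policy = data.aws_iam_policy_document.iam_users_groups.json
}
```

Users or groups created under a different path need that path in the ARN, for example user/<path>/<name>.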

Usage

module "terraform-aws-iam-users-groups" {

  source = "evairmarinho/iam-users-groups/aws"
  version = "= 1.0.4"
  create_groups = false
  users = {
      "user1": {
          name: "evair.marinho"
          groups: ["DevOps"]
          path: "/"
      },
      "user2":{
          name: "joao.sousa"
          groups: ["Billing"]
          path: "/"
      }
  }

}

Examples

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.12.6 |
| aws | >= 2.50, < 4.0 |

Providers

| Name | Version |
|------|---------|
| aws | 3.62.0 |

Resources

| Name | Type |
|------|------|
| aws_iam_group.groups | resource |
| aws_iam_user.users | resource |
| aws_iam_user_group_membership.user_to_groups | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| create_groups | Whether Terraform creates new groups based on the groups variable. | bool | false | no |
| groups | List of group names for Terraform to create when the create_groups variable is true. | list(string) | [] | no |
| tags | Tags for all resources. | map(string) | {} | no |
| users | Map of users for Terraform to create. | map(any) | {} | no |

This Terraform documentation was generated by terraform-docs.

Getting started

terraform init

terraform plan

terraform apply