https://github.com/geekcell/terraform-aws-iam-role
Terraform module to provision an AWS IAM Role.
- Host: GitHub
- URL: https://github.com/geekcell/terraform-aws-iam-role
- Owner: geekcell
- License: apache-2.0
- Created: 2023-01-05T16:32:17.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2023-10-27T11:11:12.000Z (almost 2 years ago)
- Last Synced: 2025-09-05T16:08:53.710Z (about 1 month ago)
- Topics: aws, iam, iam-role, terraform, terraform-module
- Language: HCL
- Homepage: https://www.geekcell.io
- Size: 53.7 KB
- Stars: 0
- Watchers: 3
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Terraform AWS IAM Role
Introducing the AWS IAM Role Terraform Module, a highly efficient solution for creating and managing your AWS
Identity and Access Management (IAM) roles. This module has been expertly crafted to provide you with a simple and
streamlined way to create and manage your IAM roles within AWS.

Our team of experts has years of experience working with AWS IAM and has a deep understanding of the best practices
and configurations. By using this Terraform module, you can be sure that your IAM roles are created and managed in
a secure, efficient, and scalable manner.

This module offers a preconfigured solution for creating IAM roles, saving you time and effort in the process.
Whether you're looking to grant access to specific AWS services or to limit the actions that can be performed on
your resources, this module has you covered.

So, if you're looking for a convenient and reliable solution for creating and managing your IAM roles within AWS,
look no further than the AWS IAM Role Terraform Module. Give it a try and see the difference it can make in your
AWS setup!

## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [assume\_role\_json](#input\_assume\_role\_json) | A rendered JSON string of the `assume_roles` variable. | `string` | `null` | no |
| [assume\_roles](#input\_assume\_roles) | A map of principals which can assume the role. The default action is: `["sts:AssumeRole"]` | <pre>map(object({<br>  actions     = optional(list(string))<br>  identifiers = list(string)<br>  conditions = optional(list(object({<br>    test     = string<br>    variable = string<br>    values   = list(string)<br>  })))<br>}))</pre> | `{}` | no |
| [description](#input\_description) | Description of the Role. | `string` | `null` | no |
| [enable\_iam\_instance\_profile](#input\_enable\_iam\_instance\_profile) | If enabled, will create an IAM instance profile for this role. | `bool` | `false` | no |
| [force\_detach\_policies](#input\_force\_detach\_policies) | Whether to force detaching any policies the role has before destroying it. | `bool` | `false` | no |
| [max\_session\_duration](#input\_max\_session\_duration) | Maximum session duration (in seconds) that you want to set for the specified role. | `number` | `3600` | no |
| [name](#input\_name) | Name or prefix of the Role. | `string` | n/a | yes |
| [path](#input\_path) | Path to the role. | `string` | `"/"` | no |
| [permissions\_boundary](#input\_permissions\_boundary) | ARN of the policy that is used to set the permissions boundary for the role. | `string` | `null` | no |
| [policy\_arns](#input\_policy\_arns) | A list of policy ARNs to attach to the role. | `list(string)` | `[]` | no |
| [tags](#input\_tags) | Tags to add to the Role. | `map(any)` | `{}` | no |
| [use\_name\_prefix](#input\_use\_name\_prefix) | Use the `name` attribute as prefix for the role name. | `bool` | `true` | no |

## Outputs
| Name | Description |
|------|-------------|
| [arn](#output\_arn) | IAM role arn |
| [instance\_profile\_arn](#output\_instance\_profile\_arn) | IAM instance profile arn |
| [name](#output\_name) | IAM role name |

## Providers
| Name | Version |
|------|---------|
| [aws](#provider\_aws) | >= 4.36 |

## Resources
- resource.aws_iam_instance_profile.main (main.tf#77)
- resource.aws_iam_role.main (main.tf#55)
- resource.aws_iam_role_policy_attachment.main (main.tf#70)
- data source.aws_iam_policy_document.assume (main.tf#20)
- data source.aws_iam_policy_document.assume_combined (main.tf#47)

# Examples
### Minimal
```hcl
module "basic-example" {
  source = "../../"

  name = var.name
  assume_roles = {
    AWS : {
      identifiers : [var.account]
    }
  }

  policy_arns = ["arn:aws:iam::aws:policy/ReadOnlyAccess"]
}
```
```
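
The minimal example trusts every principal in `var.account` without restriction. The following added example (not part of the module's README) narrows the trust policy with the `conditions` field from the Inputs table and sets a permissions boundary. It assumes the map key is the principal type, as in the minimal example; `var.external_id`, the role name, the account IDs and the boundary policy ARN are placeholders.

```hcl
# Added example, not from the module's README.
variable "external_id" {
  description = "External ID agreed with the third party (assumed variable)."
  type        = string
}

module "third_party_audit_role" {
  # Source taken from the repository URL; pin it with ?ref=<release tag>.
  source = "github.com/geekcell/terraform-aws-iam-role"

  name                 = "third-party-audit"
  description          = "Read-only role assumable by one external account."
  max_session_duration = 3600 # module default, stated explicitly

  assume_roles = {
    # Assumption: the map key is the principal type, as in the minimal example.
    AWS = {
      actions     = ["sts:AssumeRole"]
      identifiers = ["arn:aws:iam::111122223333:root"] # placeholder account ID
      conditions = [
        {
          # Require the agreed external ID on every AssumeRole call.
          test     = "StringEquals"
          variable = "sts:ExternalId"
          values   = [var.external_id]
        }
      ]
    }
  }

  policy_arns = ["arn:aws:iam::aws:policy/ReadOnlyAccess"]

  # Upper limit on what attached policies can grant; placeholder ARN.
  permissions_boundary = "arn:aws:iam::444455556666:policy/example-boundary"
}
```

Running `terraform plan` shows the rendered `assume_role_policy`, which is where to confirm that the condition block actually reached the trust policy.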