
# terraform-aws-rhythmic-iam-roles

[![](https://github.com/rhythmictech/terraform-aws-rhythmic-iam-roles/workflows/check/badge.svg)](https://github.com/rhythmictech/terraform-aws-rhythmic-iam-roles/actions)

Create and manage IAM roles for Rhythmic engineers to access accounts via cross-account IAM roles.

## Usage
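```
module "rhythmic-iam-roles" {
  source = "git::https://github.com/rhythmictech/terraform-aws-rhythmic-iam-roles.git"

  # Optional prefix for the IAM role names
  role_prefix = "RhythmicOps-"

  # Master account that holds the cross-account roles (placeholder account ID)
  master_account = "123456789012"
}
```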

## Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.12.19 |
| aws | >= 3 |

## Providers

| Name | Version |
|------|---------|
| aws | >= 3 |

## Modules

No modules.

## Resources

| Name | Type |
|------|------|
| [aws_iam_role.FullAdminAccess](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role.FullReadOnlyAccess](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role.SecurityAnalyst](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role.StandardAdminAccess](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_iam_role_policy_attachment.FullAdminAccess](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.FullReadOnlyAccess](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.SecurityAnalyst](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.StandardAdminAccess](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.StandardAdmin_additional_policies](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_policy_document.assume](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| `create_security_analyst_role` | Create role with SecurityAudit managed policy attached | `bool` | `true` | no |
| `create_standard_admin_role` | Create StandardAdmin role | `bool` | `true` | no |
| `external_id` | External ID associated with the IAM role to be assumed, if applicable | `string` | `""` | no |
| `master_account` | Master account that holds cross-account roles | `string` | n/a | yes |
| `max_session_duration` | STS token max lifetime | `number` | `7200` | no |
| `role_prefix` | Optional prefix for IAM role names | `string` | `""` | no |
| `standard_admin_additional_policies` | List of additional policy ARNs to attach to standard admin role | `list(string)` | `[]` | no |
| `standard_admin_attach_poweruser` | Attach AWS managed policy PowerUser to Standard Admin role | `bool` | `true` | no |
| `standard_admin_role_name` | Standard Admin role name | `string` | `"StandardAdmin"` | no |
| `tags` | Tags to apply across all roles | `map(string)` | `{}` | no |

## Outputs

No outputs.