├── .deepsource.toml ├── .github ├── CODEOWNERS ├── PULL_REQUEST_TEMPLATE.md ├── dependabot.yml └── workflows │ ├── auto_assignee.yml │ ├── automerge.yml │ ├── changelog.yml │ ├── readme.yml │ ├── tf-checks.yml │ ├── tflint.yml │ └── tfsec.yml ├── .gitignore ├── .pre-commit-config.yaml ├── CHANGELOG.md ├── LICENSE ├── Makefile ├── README.md ├── README.yaml ├── docs └── io.md ├── examples ├── example.tf ├── outputs.tf └── versions.tf ├── main.tf ├── outputs.tf ├── variables.tf └── versions.tf /.deepsource.toml: -------------------------------------------------------------------------------- 1 | version = 1 2 | 3 | [[analyzers]] 4 | name = "terraform" 5 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | # These owners will be the default owners for everything in the repo. 2 | * @anmolnagpal @clouddrove/approvers @clouddrove-ci 3 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | ## what 2 | * Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?) 3 | * Use bullet points to be concise and to the point. 4 | 5 | ## why 6 | * Provide the justifications for the changes (e.g. business case). 7 | * Describe why these changes were made (e.g. why do these commits fix the problem?) 8 | * Use bullet points to be concise and to the point. 9 | 10 | ## references 11 | * Link to any supporting jira issues or helpful documentation to add some context (e.g. stackoverflow). 
12 | * Use `closes #123`, if this PR closes a Jira issue `#123` 13 |
--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
1 | # To get started with Dependabot version updates, you'll need to specify which
2 | # package ecosystems to update and where the package manifests are located.
3 | # Please see the documentation for all configuration options:
4 | # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
5 |
6 | version: 2
7 | updates:  # two entries follow: the module root ("/") and "examples/", each checked weekly for Terraform dependency updates
8 |   - package-ecosystem: "terraform" # See documentation for possible values
9 |     directory: "/" # Location of package manifests
10 |     schedule:
11 |       interval: "weekly"
12 |     # Add assignees
13 |     assignees:
14 |       - "clouddrove-ci"
15 |     # Add reviewer
16 |     reviewers:
17 |       - "approvers"  # NOTE(review): bare name here and in the second entry; CODEOWNERS writes this team as @clouddrove/approvers - confirm Dependabot resolves it
18 |   - package-ecosystem: "terraform" # See documentation for possible values
19 |     directory: "examples/" # Location of package manifests
20 |     schedule:
21 |       interval: "weekly"
22 |     # Add assignees
23 |     assignees:
24 |       - "clouddrove-ci"
25 |     # Add reviewer
26 |     reviewers:
27 |       - "approvers"
28 |
--------------------------------------------------------------------------------
/.github/workflows/auto_assignee.yml:
--------------------------------------------------------------------------------
1 | name: Auto Assign PRs  # thin caller: the single job below delegates to a shared reusable workflow
2 |
3 | on:
4 |   pull_request:
5 |     types: [opened, reopened]
6 |
7 |   workflow_dispatch:
8 | jobs:
9 |   assignee:
10 |     uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@master  # NOTE(review): referenced by the mutable ref "master" (presumably a branch), so the code that runs here can change without a commit in this repo; pin to a full commit SHA
11 |     secrets:
12 |       GITHUB: ${{ secrets.GITHUB }}  # hands the repository secret named GITHUB to the called workflow; NOTE(review): confirm it is a narrowly scoped token
13 |     with:
14 |       assignees: 'clouddrove-ci'
15 |
--------------------------------------------------------------------------------
/.github/workflows/automerge.yml:
--------------------------------------------------------------------------------
1 | ---
2 | name: Auto merge
3 | on:
4 |   pull_request:  # no "types" filter, so GitHub's default pull_request activity types apply
5 | jobs:
6 |
auto-merge:
7 |     uses: clouddrove/github-shared-workflows/.github/workflows/auto_merge.yml@master  # NOTE(review): mutable ref "master" (presumably a branch); the conditions that decide whether a PR is merged live in that workflow, not in this file - pin to a full commit SHA
8 |     secrets:
9 |       GITHUB: ${{ secrets.GITHUB }}  # repository secret named GITHUB is handed to the called workflow
10 |     with:
11 |       tfcheck: 'examples / Check code format'  # presumably the name of the status check the called workflow waits for - confirm in auto_merge.yml
12 | ...
13 |
--------------------------------------------------------------------------------
/.github/workflows/changelog.yml:
--------------------------------------------------------------------------------
1 | name: changelog
2 | permissions: write-all  # NOTE(review): gives GITHUB_TOKEN write access to every scope; declare only the scopes the changelog job needs (likely contents: write - confirm)
3 | on:
4 |   push:
5 |     tags:
6 |       - "*"  # fires on pushed tags matching "*"
7 |   workflow_dispatch:
8 | jobs:
9 |   changelog:
10 |     uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@master  # NOTE(review): mutable ref "master"; together with write-all and secrets: inherit, a change there runs with this repo's full token and secrets - pin to a full commit SHA
11 |     secrets: inherit  # NOTE(review): forwards every secret this workflow can read; pass only the named secrets the called workflow uses
12 |     with:
13 |       branch: 'master'
14 |
--------------------------------------------------------------------------------
/.github/workflows/readme.yml:
--------------------------------------------------------------------------------
1 | name: Readme Workflow
2 | on:
3 |   push:
4 |     branches:
5 |       - master
6 |     paths-ignore:  # pushes that only touch README.md or docs/ do not start a run
7 |       - 'README.md'
8 |       - 'docs/**'
9 |   workflow_dispatch:
10 | jobs:
11 |   README:
12 |     uses: clouddrove/github-shared-workflows/.github/workflows/readme.yml@master  # NOTE(review): mutable ref "master" (presumably a branch); pin to a full commit SHA
13 |     secrets:  # two named secrets are passed explicitly rather than inherited
14 |       TOKEN : ${{ secrets.GITHUB }}
15 |       SLACK_WEBHOOK_TERRAFORM: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }}
--------------------------------------------------------------------------------
/.github/workflows/tf-checks.yml:
--------------------------------------------------------------------------------
1 | name: tf-checks
2 | on:
3 |   push:
4 |     branches: [ master ]
5 |   pull_request:
6 |   workflow_dispatch:
7 | jobs:
8 |   _example:
9 |     uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@master  # NOTE(review): mutable ref "master" (presumably a branch); pin to a full commit SHA
10 |     with:
11 |       working_directory: './examples/'  # the checks are pointed at the examples/ directory
12 |
13 |
--------------------------------------------------------------------------------
/.github/workflows/tflint.yml:
--------------------------------------------------------------------------------
1 | name: tf-lint
2 | on:
3 |   push:
4 |     branches: [ master ]
5 |   pull_request:
6 |
workflow_dispatch:
7 | jobs:
8 |   tf-lint:
9 |     uses: clouddrove/github-shared-workflows/.github/workflows/tf-lint.yml@master  # NOTE(review): mutable ref "master" (presumably a branch); pin to a full commit SHA
10 |     secrets:
11 |       GITHUB: ${{ secrets.GITHUB }}  # repository secret named GITHUB is handed to the called workflow
12 |
--------------------------------------------------------------------------------
/.github/workflows/tfsec.yml:
--------------------------------------------------------------------------------
1 | name: tfsec
2 | permissions: write-all  # NOTE(review): write access to every GITHUB_TOKEN scope for a scanner job; narrow to what result upload needs (e.g. security-events: write - confirm against the called workflow)
3 | on:
4 |   pull_request:
5 |   workflow_dispatch:
6 | jobs:
7 |   tfsec:
8 |     uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@master  # NOTE(review): mutable ref "master"; together with write-all and secrets: inherit, a change there runs with this repo's full token and secrets - pin to a full commit SHA
9 |     secrets: inherit  # NOTE(review): forwards every secret this workflow can read; pass only the named secrets the called workflow uses
10 |     with:
11 |       working_directory: '.'  # the scan is pointed at the module root
12 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # ignored files: Terraform state and its backup (state can hold secret values in plaintext), the .terraform working directory, IDE metadata, and the dependency lock file
2 | *.tfstate
3 | *.tfstate.backup
4 | .terraform
5 | .idea
6 | *.iml
7 | *.terraform.lock.hcl
8 |
--------------------------------------------------------------------------------
/.pre-commit-config.yaml:
--------------------------------------------------------------------------------
1 | repos:
2 |
3 |   - repo: https://github.com/gruntwork-io/pre-commit
4 |     rev: v0.1.12 # Get the latest from: https://github.com/gruntwork-io/pre-commit/releases
5 |     hooks:
6 |       - id: terraform-fmt
7 |       - id: shellcheck
8 |
9 |   - repo: git://github.com/pre-commit/pre-commit-hooks  # NOTE(review): git:// is an unauthenticated, unencrypted transport (GitHub has switched it off); use https:// as the first repo entry does
10 |     rev: v3.4.0 # Use the ref you want to point at
11 |     hooks:
12 |       - id: end-of-file-fixer
13 |       - id: trailing-whitespace
14 |       - id: mixed-line-ending
15 |       - id: check-byte-order-marker
16 |       - id: check-executables-have-shebangs
17 |       - id: check-merge-conflict
18 |       - id: debug-statements
19 |       - id: check-yaml
20 |       - id: check-added-large-files
21 |
--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog 2 | All notable changes to this project will be documented in
this file. 3 | 4 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), 5 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). 6 | 7 | ## [1.3.0] - 2023-01-19 8 | ### :bug: Bug Fixes 9 | - [`67f7c3c`](https://github.com/clouddrove/terraform-aws-iam-user/commit/67f7c3c577ca80576da6cb32786a28b96454d0f7) - use terraform letast version. 10 | 11 | ## [1.0.1] - 2022-04-06 12 | 13 | ## [0.12.2.1] - 2021-09-06 14 | 15 | 16 | ## [0.15.0] - 2021-06-18 17 | ### :bug: Bug Fixes 18 | - [`3dda746`](https://github.com/clouddrove/terraform-aws-iam-user/commit/3dda746fe16a16a20cce444d1487400e5dbcf330) - update github-action 19 | 20 | 21 | ## [0.14.1] - 2021-04-14 22 | ### :bug: Bug Fixes 23 | - [`973df32`](https://github.com/clouddrove/terraform-aws-iam-user/commit/973df32f865857ada7354c70daef2cf56e1a9c09) - update in 0.15 24 | 25 | ## [0.14.0] - 2021-01-19 26 | ### :bug: Bug Fixes 27 | - [`b868631`](https://github.com/clouddrove/terraform-aws-iam-user/commit/b868631a292b3e810d6288cafedb5360cdffdd4f) - fix static variable 28 | - [`6c62667`](https://github.com/clouddrove/terraform-aws-iam-user/commit/6c6266790a49a56cceacc8e33928507c684625e7) - aws_secrt_encrypted 29 | 30 | 31 | ## [0.13.0] - 2020-10-28 32 | ### :bug: Bug Fixes 33 | - [`578b776`](https://github.com/clouddrove/terraform-aws-iam-user/commit/578b776ef96b9dc08b83e5fc3ff085c7561e67eb) - Upgrade to 0.14 34 | - [`f11932b`](https://github.com/clouddrove/terraform-aws-iam-user/commit/f11932bdbd7a8f4c3dee09a0ad6e28b211eb9687) - change tag name in main.tf 35 | - [`1a1bbed`](https://github.com/clouddrove/terraform-aws-iam-user/commit/1a1bbeddc5117908da062e03eec44f00532b0714) - upgrade terraform version 0.14 36 | 37 | 38 | ## [0.12.4] - 2020-01-15 39 | ### :bug: Bug Fixes 40 | - [`e1d1869`](https://github.com/clouddrove/terraform-aws-iam-user/commit/e1d1869c0158e62dd83f1a859f6635a6668b1e1c) - upgrade terraform version to 0.13.0 and add pipelines 41 | 42 | 43 | ## 
[0.12.3] - 2020-05-24 44 | ### :bug: Bug Fixes 45 | - [`928d8d2`](https://github.com/clouddrove/terraform-aws-iam-user/commit/928d8d23f42da5b5a1fd1db5e5ff0f2c9dec7ff9) - change function to attach policy 46 | 47 | 48 | ## [0.12.2] - 2020-03-30 49 | ### :bug: Bug Fixes 50 | - [`e6b5429`](https://github.com/clouddrove/terraform-aws-iam-user/commit/e6b54293db6837f23f5b9c72811feb431903d773) - fix teratest 51 | - [`145570e`](https://github.com/clouddrove/terraform-aws-iam-user/commit/145570e7013cb66bb38d7179aee2c9a7d2949071) - Add unique_id to the outputs 52 | 53 | 54 | ## [0.12.1] - 2020-01-29 55 | ### :bug: Bug Fixes 56 | - [`9450b35`](https://github.com/clouddrove/terraform-aws-iam-user/commit/9450b35ac7e08c9d3f64361391a2dd5966db12f7) - fix labels managedby variables 57 | 58 | 59 | ## [v0.12.0] - 2019-09-19 60 | ### :bug: Bug Fixes 61 | - [`b96abe8`](https://github.com/clouddrove/terraform-aws-iam-user/commit/b96abe8292e1bd6f335edaf18743258d64409999) - update module with policy arn 62 | 63 | 64 | [0.12.0]: https://github.com/clouddrove/terraform-aws-iam-user/compare/0.12.0...master 65 | [0.12.1]: https://github.com/clouddrove/terraform-aws-iam-user/compare/0.12.0...0.12.1 66 | [0.12.2]: https://github.com/clouddrove/terraform-aws-iam-user/compare/0.12.1...0.12.2 67 | [0.12.3]: https://github.com/clouddrove/terraform-aws-iam-user/compare/0.12.2...0.12.3 68 | [0.12.4]: https://github.com/clouddrove/terraform-aws-iam-user/compare/0.12.3...0.12.4 69 | [0.13.0]: https://github.com/clouddrove/terraform-aws-iam-user/compare/0.12.4...0.13.0 70 | [0.14.0]: https://github.com/clouddrove/terraform-aws-iam-user/compare/0.13.0...0.14.0 71 | [0.14.1]:https://github.com/clouddrove/terraform-aws-iam-user/compare/0.14.0...0.14.1 72 | [0.15.0]: https://github.com/clouddrove/terraform-aws-iam-user/compare/0.14.1...0.15.0 73 | [0.12.2.1]: https://github.com/clouddrove/terraform-aws-iam-user/compare/0.15.0...0.12.2.1 74 | [1.0.1]: 
https://github.com/clouddrove/terraform-aws-iam-user/compare/0.12.2.1...1.0.1 75 | [1.3.0]: https://github.com/clouddrove/terraform-aws-iam-user/compare/1.0.1...1.3.0 -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 
34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. 
Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. 
You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 
122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. 
In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. 
We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright 2021 CloudDrove Inc. 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License.
--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
1 | export GENIE_PATH ?= $(shell 'pwd')/../../../genie
2 | # NOTE(review): GENIE_PATH defaults to a genie/ directory three levels above this checkout and, because of `?=`, can be overridden from the environment; the include below executes whatever Makefile is found there, i.e. build logic that is not part of this repository.
3 | include $(GENIE_PATH)/Makefile
4 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | 2 | [![Banner](https://github.com/clouddrove/terraform-module-template/assets/119565952/67a8a1af-2eb7-40b7-ae07-c94cde9ce062)][website] 3 |

4 | Terraform AWS Iam User 5 |

6 | 7 |

8 | With our comprehensive DevOps toolkit - streamline operations, automate workflows, enhance collaboration and, most importantly, deploy with confidence. 9 |

10 | 11 | 12 |

13 | 14 | 15 | Latest Release 16 | 17 | 18 | tfsec 19 | 20 | 21 | Licence 22 | 23 | 24 | Changelog 25 | 26 | 27 | 28 |

29 |

30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 |

45 |
46 | 47 | 48 | We are a group of DevOps engineers & architects, joining hands in this ever evolving digital landscape. With our strong belief in Automation, and just as with microservices, we are always on the lookout to split the infrastructure into smaller connected resources (database, cluster and more) which could be standardized, are manageable, scalable, secure & follow industry best practices. 49 | 50 | 51 | This module includes Terraform open source, examples, and automation tests (for better understanding), which would help you create and improve your infrastructure with minimalistic coding. 52 | 53 | 54 | 55 | 56 | ## Prerequisites and Providers 57 | 58 | This table contains both Prerequisites and Providers: 59 | 60 | | Description | Name | Version | 61 | |:-------------:|:-------------------------------------------:|:---------:| 62 | | **Prerequisite** | [Terraform](https://learn.hashicorp.com/terraform/getting-started/install.html) | >= 1.6.6 | 63 | | **Provider** | [aws](https://aws.amazon.com/) | >= 5.31.0 | 64 | 65 | 66 | 67 | 68 | 69 | ## Examples 70 | 71 | **IMPORTANT:** Since the master branch used in source varies based on new modifications, we recommend using the [release versions](https://github.com/clouddrove/terraform-aws-iam-user/releases). 72 | 73 | 📌 For additional usage examples, check the complete list under [`examples/`](./examples) directory. 74 | 75 | 76 | 77 | ## Inputs and Outputs 78 | 79 | Refer to complete documentation: [here](docs/io.md) 80 | 81 | 82 | 93 | 94 | 95 | ## Module Dependencies 96 | 97 | This module has dependencies on: 98 | - [Labels Module](https://github.com/clouddrove/terraform-aws-labels): Provides resource tagging. 99 | 100 | 101 | ## 📑 Changelog 102 | 103 | Refer [here](CHANGELOG.md). 104 | 105 | 106 | 107 | 108 | ## ✨ Contributors 109 | 110 | Big thanks to our contributors for elevating our project with their dedication and expertise!
But, we do not wish to stop there, would like to invite contributions from the community in improving these projects and making them more versatile for better reach. Remember, every bit of contribution is immensely valuable, as, together, we are moving in only 1 direction, i.e. forward. 111 | 112 | 113 | 114 | 115 |
116 |
117 | 118 | If you're considering contributing to our project, here are a few quick guidelines that we have been following (Got a suggestion? We are all ears!): 119 | 120 | - **Fork the Repository:** Create a new branch for your feature or bug fix. 121 | - **Coding Standards:** You know the drill. 122 | - **Clear Commit Messages:** Write clear and concise commit messages to facilitate understanding. 123 | - **Thorough Testing:** Test your changes thoroughly before submitting a pull request. 124 | - **Documentation Updates:** Include relevant documentation updates if your changes impact it. 125 | 126 | 127 | 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | 137 | 138 | ## Feedback 139 | Spot a bug or have thoughts to share with us? Let's squash it together! Log it in our [issue tracker](https://github.com/clouddrove/terraform-aws-iam-user/issues), feel free to drop us an email at [hello@clouddrove.com](mailto:hello@clouddrove.com). 140 | 141 | Show some love with a ★ on [our GitHub](https://github.com/clouddrove/terraform-aws-iam-user)! if our work has brightened your day! – your feedback fuels our journey! 142 | 143 | 144 | ## :rocket: Our Accomplishment 145 | 146 | We have [*100+ Terraform modules*][terraform_modules] 🙌. You could consider them finished, but, with enthusiasts like yourself, we are able to ever improve them, so we call our status - improvement in progress. 147 | 148 | - [Terraform Module Registry:](https://registry.terraform.io/namespaces/clouddrove) Discover our Terraform modules here. 149 | 150 | - [Terraform Modules for AWS/Azure Modules:](https://github.com/clouddrove/toc) Explore our comprehensive Table of Contents for easy navigation through our documentation for modules pertaining to AWS, Azure & GCP. 151 | 152 | - [Terraform Modules for Digital Ocean:](https://github.com/terraform-do-modules/toc) Check out our specialized Terraform modules for Digital Ocean. 
153 | 154 | 155 | 156 | 157 | ## Join Our Slack Community 158 | 159 | Join our vibrant open-source slack community and embark on an ever-evolving journey with CloudDrove; helping you in moving upwards in your career path. 160 | Join our vibrant Open Source Slack Community and embark on a learning journey with CloudDrove. Grow with us in the world of DevOps and set your career on a path of consistency. 161 | 162 | 🌐💬What you'll get after joining this Slack community: 163 | 164 | - 🚀 Encouragement to upgrade your best version. 165 | - 🌈 Learning companionship with our DevOps squad. 166 | - 🌱 Relentless growth with daily updates on new advancements in technologies. 167 | 168 | Join our tech elites [Join Now][slack] 🚀 169 | 170 | 171 | ## Explore Our Blogs 172 | 173 | Click [here][blog] :books: :star2: 174 | 175 | ## Tap into our capabilities 176 | We provide a platform for organizations to engage with experienced top-tier DevOps & Cloud services. Tap into our pool of certified engineers and architects to elevate your DevOps and Cloud Solutions. 177 | 178 | At [CloudDrove][website], has extensive experience in designing, building & migrating environments, securing, consulting, monitoring, optimizing, automating, and maintaining complex and large modern systems. With remarkable client footprints in American & European corridors, our certified architects & engineers are ready to serve you as per your requirements & schedule. Write to us at [business@clouddrove.com](mailto:business@clouddrove.com). 179 | 180 |

We are The Cloud Experts!

181 |
182 |

We ❤️ Open Source and you can check out our other modules to get help with your new Cloud ideas.

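[website]: https://clouddrove.com
[blog]: https://blog.clouddrove.com
[slack]: https://www.launchpass.com/devops-talks
[github]: https://github.com/clouddrove
[linkedin]: https://cpco.io/linkedin
[twitter]: https://twitter.com/clouddrove/
[email]: https://clouddrove.com/contact-us.html
[terraform_modules]: https://github.com/clouddrove?utf8=%E2%9C%93&q=terraform-&type=&language=

--------------------------------------------------------------------------------
/README.yaml:
--------------------------------------------------------------------------------
---
#
# This is the canonical configuration for the `README.md`
# Run `make readme` to rebuild the `README.md`
#

# Name of this project
name : Terraform AWS Iam User

# License of this project
license: "APACHE"

# Canonical GitHub repo
github_repo: clouddrove/terraform-aws-iam-user

# Badges to display
badges:
  - name: "Latest Release"
    image: "https://img.shields.io/github/release/clouddrove/terraform-aws-iam-user.svg"
    url: "https://github.com/clouddrove/terraform-aws-iam-user/releases/latest"
  - name: "tfsec"
    image: "https://github.com/clouddrove/terraform-aws-iam-user/actions/workflows/tfsec.yml/badge.svg"
    url: "https://github.com/clouddrove/terraform-aws-iam-user/actions/workflows/tfsec.yml"
  - name: "Licence"
    image: "https://img.shields.io/badge/License-APACHE-blue.svg"
    url: "LICENSE.md"
  - name: "Changelog"
    image: "https://img.shields.io/badge/Changelog-blue"
    url: "CHANGELOG.md"

prerequesties:
  - name: Terraform
    url: https://learn.hashicorp.com/terraform/getting-started/install.html
    version: ">= 1.6.6"

providers:
  - name: aws
    url: https://aws.amazon.com/
    version: ">= 5.31.0"

module_dependencies:
  - name: Labels Module
    url: https://github.com/clouddrove/terraform-aws-labels
    description: Provides resource tagging.


# description of this project
description: |-
  Terraform module to create Iam user resource on AWS.

# How to use this project
usage : |-
  ### Simple example
  Here is an example of how you can use this module in your inventory structure:
  ```hcl
      module "iam-user" {
        source  = "clouddrove/iam-user/aws"
        version = "1.3.0"
        name        = "iam-user"
        environment = "test"
        label_order = ["name","environment"]
        policy_enabled          = true
        policy                  = data.aws_iam_policy_document.default.json
        password_length         = 20
        password_reset_required = true
      }

      data "aws_iam_policy_document" "default" {
        statement {
          actions = [
            "ec2:Describe*"
          ]
          effect    = "Allow"
          resources = ["*"]
        }
      }
  ```

--------------------------------------------------------------------------------
/docs/io.md:
--------------------------------------------------------------------------------
## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| attributes | Additional attributes (e.g. `1`). | `list(any)` | `[]` | no |
| create\_iam\_user\_login\_profile | Whether to create IAM user login profile | `bool` | `true` | no |
| create\_user | Whether to create the IAM user | `bool` | `true` | no |
| delimiter | Delimiter to be used between `organization`, `environment`, `name` and `attributes`. | `string` | `"-"` | no |
| enabled | Whether to create Iam user. | `bool` | `true` | no |
| environment | Environment (e.g. `prod`, `dev`, `staging`). | `string` | `""` | no |
| force\_destroy | When destroying this user, destroy even if it has non-Terraform-managed IAM access keys, login profile or MFA devices. Without force\_destroy a user with non-Terraform-managed access keys and login profile will fail to be destroyed. | `bool` | `false` | no |
| groups | (Optional) List of IAM groups to add the User to. | `list(string)` | `[]` | no |
| label\_order | Label order, e.g. `name`,`application`. | `list(any)` | `[]` | no |
| managedby | ManagedBy, eg 'CloudDrove' | `string` | `"hello@clouddrove.com"` | no |
| name | Name (e.g. `app` or `cluster`). | `string` | `""` | no |
| password\_length | The length of the generated password | `number` | `20` | no |
| password\_reset\_required | Whether the user should be forced to reset the generated password on first login. | `bool` | `true` | no |
| path | The path to the user. | `string` | `"/"` | no |
| permissions\_boundary | The ARN of the policy that is used to set the permissions boundary for the user. | `string` | `""` | no |
| pgp\_key | Either a base-64 encoded PGP public key, or a keybase username in the form keybase:some\_person\_that\_exists. | `string` | `""` | no |
| policy | The policy document. | `any` | `null` | no |
| policy\_arn | The ARN of the policy you want to apply. | `string` | `""` | no |
| policy\_enabled | Whether to Attach Iam policy with user. | `bool` | `false` | no |
| repository | Terraform current module repo | `string` | `"https://github.com/clouddrove/terraform-aws-iam-user"` | no |
| ssh\_key\_encoding | Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use SSH. To retrieve the public key in PEM format, use PEM | `string` | `"SSH"` | no |
| ssh\_public\_key | The SSH public key. The public key must be encoded in ssh-rsa format or PEM format | `string` | `""` | no |
| status | The access key status to apply. Defaults to Active. Valid values are Active and Inactive. | `string` | `"Active"` | no |
| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`). | `map(any)` | `{}` | no |
| upload\_iam\_user\_ssh\_key | Whether to upload a public ssh key to the IAM user | `bool` | `false` | no |

## Outputs

| Name | Description |
|------|-------------|
| arn | The ARN assigned by AWS for this user. |
| key\_id | The access key ID. |
| secret | The secret access key. Note that this will be written to the state file. Please supply a pgp\_key instead, which will prevent the secret from being stored in plain text. |
| tags | A mapping of tags to assign to the resource. |
| unique\_id | The unique ID assigned by AWS for this user. |


--------------------------------------------------------------------------------
/examples/example.tf:
--------------------------------------------------------------------------------
provider "aws" {
  region = "eu-west-1"
}

# Example IAM user. policy_enabled is false here, so the policy document below
# is passed in but not attached by the module.
module "iam-user" {
  source = "../"

  name        = "iam-user"
  environment = "test"
  label_order = ["name", "environment"]

  policy_enabled = false
  policy         = data.aws_iam_policy_document.default.json
  # An empty pgp_key makes the module's `secret` output the plain-text secret
  # access key, which is also written to the Terraform state. Outside of a
  # throwaway test, supply a PGP public key or a keybase username instead.
  pgp_key                 = ""
  password_length         = 20
  password_reset_required = true
}

# Read-only EC2 describe permissions used as the sample policy document.
data "aws_iam_policy_document" "default" {
  statement {
    actions = [
      "ec2:Describe*"
    ]
    effect    = "Allow"
    resources = ["*"]
  }
}

--------------------------------------------------------------------------------
/examples/outputs.tf:
--------------------------------------------------------------------------------
output "arn" {
  value       = module.iam-user.*.arn
  description = "The ARN assigned by AWS for this user."
}

output "unique_id" {
  value       = module.iam-user.*.unique_id
  description = "The unique ID assigned by AWS for this user."
}

# Descriptions for key_id and secret previously repeated the ARN text; they now
# match the descriptions of the module outputs they forward.
output "key_id" {
  value       = module.iam-user.*.key_id
  description = "The access key ID."
}

output "secret" {
  value       = module.iam-user.*.secret
  description = "The secret access key. Note that this will be written to the state file. Please supply a pgp_key instead, which will prevent the secret from being stored in plain text."
  sensitive   = true
}

output "tags" {
  value       = module.iam-user.tags
  description = "A mapping of tags to assign to the resource."
}

--------------------------------------------------------------------------------
/examples/versions.tf:
--------------------------------------------------------------------------------
# Terraform version
terraform {
  required_version = ">= 1.6.6"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 5.31.0"
    }
  }
}
--------------------------------------------------------------------------------
/main.tf:
--------------------------------------------------------------------------------
# Managed By : CloudDrove
# Description : Terraform module to create IAM user resource on AWS.
# Copyright @ CloudDrove. All Right Reserved.

#Module      : label
#Description : This terraform module is designed to generate consistent label names and tags
#              for resources. You can use terraform-labels to implement a strict naming
#              convention.


# NOTE(review): var.delimiter and var.tags are declared in variables.tf but are
# not passed to this module, so setting them has no effect on names or tags.
module "labels" {
  source  = "clouddrove/labels/aws"
  version = "1.3.0"

  name        = var.name
  environment = var.environment
  repository  = var.repository
  managedby   = var.managedby
  attributes  = var.attributes
  label_order = var.label_order
}

# Module      : IAM user
# Description : Terraform module to create IAM user resource on AWS.
# The user itself is gated only by var.enabled; var.create_user gates the login
# profile and SSH key further down, not this resource.
resource "aws_iam_user" "default" {
  count = var.enabled ? 1 : 0

  name                 = module.labels.id
  force_destroy        = var.force_destroy
  path                 = var.path
  permissions_boundary = var.permissions_boundary
  tags                 = module.labels.tags
}

# A long-lived access key is created whenever the module is enabled; there is
# no input to opt out. With the default empty pgp_key the secret access key is
# kept in plain text in the Terraform state (see the `secret` output), so the
# state backend must be encrypted and access-restricted, or pgp_key supplied.
resource "aws_iam_access_key" "default" {
  count   = var.enabled ? 1 : 0
  user    = aws_iam_user.default[0].name
  pgp_key = var.pgp_key
  status  = var.status
}

# Inline policy: used when a policy is enabled and no managed policy ARN is given.
# var.policy defaults to null, so policy_enabled = true presumably requires the
# caller to pass a policy document as well.
resource "aws_iam_user_policy" "default" {
  count  = var.enabled && var.policy_enabled && var.policy_arn == "" ? 1 : 0
  name   = format("%s-policy", module.labels.id)
  user   = aws_iam_user.default[0].name
  policy = var.policy
}

# Managed policy attachment: used instead of the inline policy when policy_arn is set.
resource "aws_iam_user_policy_attachment" "default" {
  count      = var.enabled && var.policy_enabled && var.policy_arn != "" ? 1 : 0
  user       = aws_iam_user.default[0].name
  policy_arn = var.policy_arn
}

resource "aws_iam_user_group_membership" "default" {
  count      = var.enabled && length(var.groups) > 0 ? 1 : 0
  user       = aws_iam_user.default[count.index].name
  groups     = var.groups
  depends_on = [aws_iam_user.default]
}

# Console login profile with a generated password.
# var.enabled is part of the condition because this resource indexes
# aws_iam_user.default[0], which only exists when the module is enabled; with
# enabled = false the previous condition still evaluated to 1 and the plan
# failed on the missing user.
# NOTE(review): no pgp_key is set here and the module has no password output,
# so the generated password is presumably only readable from the state —
# confirm how it is meant to reach the user.
resource "aws_iam_user_login_profile" "default" {
  count                   = var.enabled && var.create_user && var.create_iam_user_login_profile ? 1 : 0
  user                    = aws_iam_user.default[0].name
  password_length         = var.password_length
  password_reset_required = var.password_reset_required
}

# Optional SSH public key upload; gated on var.enabled for the same reason as
# the login profile above.
resource "aws_iam_user_ssh_key" "default" {
  count      = var.enabled && var.create_user && var.upload_iam_user_ssh_key ? 1 : 0
  username   = aws_iam_user.default[0].name
  encoding   = var.ssh_key_encoding
  public_key = var.ssh_public_key
}
--------------------------------------------------------------------------------
/outputs.tf:
--------------------------------------------------------------------------------
# Module      : IAM user
# Description : Outputs of the IAM user module. Each value is an empty string
#               when the underlying resource is not created.
output "arn" {
  value       = join("", aws_iam_user.default.*.arn)
  description = "The ARN assigned by AWS for this user."
}

output "unique_id" {
  value       = join("", aws_iam_user.default.*.unique_id)
  description = "The unique ID assigned by AWS for this user."
}

output "key_id" {
  value       = join("", aws_iam_access_key.default.*.id)
  description = "The access key ID."
}

# Returns the plain-text secret when no pgp_key is set, otherwise the
# PGP-encrypted secret. `sensitive` only hides the value from CLI output; it
# does not keep it out of the state file.
output "secret" {
  value       = var.pgp_key == "" ? join("", aws_iam_access_key.default.*.secret) : join("", aws_iam_access_key.default.*.encrypted_secret)
  description = "The secret access key. Note that this will be written to the state file. Please supply a pgp_key instead, which will prevent the secret from being stored in plain text."
  sensitive   = true
}

output "tags" {
  value       = module.labels.tags
  description = "A mapping of tags to assign to the resource."
}
--------------------------------------------------------------------------------
/variables.tf:
--------------------------------------------------------------------------------
#Module      : LABEL
#Description : Terraform label module variables
variable "name" {
  type        = string
  default     = ""
  description = "Name (e.g. `app` or `cluster`)."
}
variable "repository" {
  type        = string
  default     = "https://github.com/clouddrove/terraform-aws-iam-user"
  description = "Terraform current module repo"
}


variable "environment" {
  type        = string
  default     = ""
  description = "Environment (e.g. `prod`, `dev`, `staging`)."
}

variable "label_order" {
  type        = list(any)
  default     = []
  description = "Label order, e.g. `name`,`application`."
}

variable "attributes" {
  type        = list(any)
  default     = []
  description = "Additional attributes (e.g. `1`)."
}

# NOTE(review): not referenced in main.tf.
variable "delimiter" {
  type        = string
  default     = "-"
  description = "Delimiter to be used between `organization`, `environment`, `name` and `attributes`."
}

# NOTE(review): not referenced in main.tf.
variable "tags" {
  type        = map(any)
  default     = {}
  description = "Additional tags (e.g. map(`BusinessUnit`,`XYZ`)."
}

variable "managedby" {
  type        = string
  default     = "hello@clouddrove.com"
  description = "ManagedBy, eg 'CloudDrove'"
}

# Module      : IAM user
# Description : Terraform IAM user module variables.
variable "enabled" {
  type        = bool
  default     = true
  description = "Whether to create Iam user."
}

variable "force_destroy" {
  type        = bool
  default     = false
  description = "When destroying this user, destroy even if it has non-Terraform-managed IAM access keys, login profile or MFA devices. Without force_destroy a user with non-Terraform-managed access keys and login profile will fail to be destroyed."
}

variable "path" {
  type        = string
  default     = "/"
  description = "The path to the user."
}

variable "permissions_boundary" {
  type        = string
  default     = ""
  description = "The ARN of the policy that is used to set the permissions boundary for the user."
  sensitive   = true
}

# An empty value means the access key secret is not PGP-encrypted and is stored
# in plain text in the state (see the `secret` output).
variable "pgp_key" {
  type        = string
  default     = ""
  description = "Either a base-64 encoded PGP public key, or a keybase username in the form keybase:some_person_that_exists."
  sensitive   = true
}

variable "status" {
  type        = string
  default     = "Active"
  description = "The access key status to apply. Defaults to Active. Valid values are Active and Inactive."

  # Reject anything outside the two values the description allows at plan time.
  validation {
    condition     = contains(["Active", "Inactive"], var.status)
    error_message = "The status value must be either Active or Inactive."
  }
}

variable "policy" {
  default     = null
  description = "The policy document."
}

variable "policy_enabled" {
  type        = bool
  default     = false
  description = "Whether to Attach Iam policy with user."
}

variable "policy_arn" {
  type        = string
  default     = ""
  description = "The ARN of the policy you want to apply."
  sensitive   = true
}

variable "groups" {
  type        = list(string)
  default     = []
  description = "(Optional) List of IAM groups to add the User to."
}

# In main.tf this flag gates only the login profile and the SSH key; the IAM
# user resource itself is controlled by `enabled`.
variable "create_user" {
  type        = bool
  default     = true
  description = "Whether to create the IAM user"
}

variable "create_iam_user_login_profile" {
  type        = bool
  default     = true
  description = "Whether to create IAM user login profile"
}

variable "password_reset_required" {
  type        = bool
  default     = true
  description = "Whether the user should be forced to reset the generated password on first login."
}

variable "password_length" {
  type        = number
  default     = 20
  description = "The length of the generated password"
}

variable "upload_iam_user_ssh_key" {
  type        = bool
  default     = false
  description = "Whether to upload a public ssh key to the IAM user"
}
variable "ssh_key_encoding" {
  type        = string
  default     = "SSH"
  description = "Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use SSH. To retrieve the public key in PEM format, use PEM"

  # Reject anything outside the two encodings the description names.
  validation {
    condition     = contains(["SSH", "PEM"], var.ssh_key_encoding)
    error_message = "The ssh_key_encoding value must be either SSH or PEM."
  }
}

variable "ssh_public_key" {
  type        = string
  default     = ""
  description = "The SSH public key. The public key must be encoded in ssh-rsa format or PEM format"
}


--------------------------------------------------------------------------------
/versions.tf:
--------------------------------------------------------------------------------
# Terraform version
terraform {
  required_version = ">= 1.6.6"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 5.31.0"
    }
  }
}
--------------------------------------------------------------------------------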