Skip to content

joheee/AwsIAM

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
modules
modules
 
 
.gitignore
.gitignore
 
 
.terraform.lock.hcl
.terraform.lock.hcl
 
 
main.tf
main.tf
 
 
providers.tf
providers.tf
 
 
readme.md
readme.md
 
 

Repository files navigation

AWS IAM Terraform

Terraform project that sets up AWS IAM users and groups with role-based access.

What this does

Users are placed into groups. Each group has one AWS managed policy attached. Users inherit permissions from their group, not from policies assigned directly to them.

There are three roles:

  • Adminadmin_useradmin_groupAdministratorAccess (full account access)
  • DevOpsdevops_userdevops_groupPowerUserAccess (manage resources, no IAM changes)
  • Auditorauditor_userauditor_groupReadOnlyAccess (view only)

Design Architecture

flowchart TB
    subgraph Users["IAM Users"]
        U1["admin_user"]
        U2["devops_user"]
        U3["auditor_user"]
    end

    subgraph Groups["IAM Groups"]
        G1["admin_group"]
        G2["devops_group"]
        G3["auditor_group"]
    end

    subgraph Policies["AWS Managed Policies"]
        P1["AdministratorAccess"]
        P2["PowerUserAccess"]
        P3["ReadOnlyAccess"]
    end

    U1 -->|member of| G1
    U2 -->|member of| G2
    U3 -->|member of| G3

    G1 -->|attached| P1
    G2 -->|attached| P2
    G3 -->|attached| P3
Loading

About

Boilerplate AWS automation of IAM User Group and Policies using Terraform

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages