joheee/AwsIAM

AWS IAM Terraform

Terraform project that sets up AWS IAM users and groups with role-based access.

What this does

Users are placed into groups. Each group has one AWS managed policy attached. Users inherit permissions from their group, not from policies assigned directly to them.

There are three roles:

| Role | User | Group | Policy |
|------|------|-------|--------|
| Admin | admin_user | admin_group | AdministratorAccess (full account access) |
| DevOps | devops_user | devops_group | PowerUserAccess (manage resources, no IAM changes) |
| Auditor | auditor_user | auditor_group | ReadOnlyAccess (view only) |

Design Architecture

```mermaid
flowchart TB
    subgraph Users["IAM Users"]
        U1["admin_user"]
        U2["devops_user"]
        U3["auditor_user"]
    end

    subgraph Groups["IAM Groups"]
        G1["admin_group"]
        G2["devops_group"]
        G3["auditor_group"]
    end

    subgraph Policies["AWS Managed Policies"]
        P1["AdministratorAccess"]
        P2["PowerUserAccess"]
        P3["ReadOnlyAccess"]
    end

    U1 -->|member of| G1
    U2 -->|member of| G2
    U3 -->|member of| G3

    G1 -->|attached| P1
    G2 -->|attached| P2
    G3 -->|attached| P3
```
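A minimal Terraform sketch of the user, group and policy layout described above. It is an added example, not the repository's own code: the `roles` local and the resource labels are assumptions, while the user, group and policy names come from the role list.

```hcl
# Added example. The "roles" map and the resource labels are hypothetical;
# the user, group and managed policy names are the ones listed in the README.
locals {
  roles = {
    admin   = { user = "admin_user", group = "admin_group", policy = "AdministratorAccess" }
    devops  = { user = "devops_user", group = "devops_group", policy = "PowerUserAccess" }
    auditor = { user = "auditor_user", group = "auditor_group", policy = "ReadOnlyAccess" }
  }
}

resource "aws_iam_user" "role" {
  for_each = local.roles
  name     = each.value.user
}

resource "aws_iam_group" "role" {
  for_each = local.roles
  name     = each.value.group
}

# Exactly one AWS managed policy per group. The ARN format assumes the
# standard "aws" partition (not GovCloud or China regions).
resource "aws_iam_group_policy_attachment" "role" {
  for_each   = local.roles
  group      = aws_iam_group.role[each.key].name
  policy_arn = "arn:aws:iam::aws:policy/${each.value.policy}"
}

# aws_iam_group_membership manages the group's full member list, so it must be
# declared only once per group. Declaring membership here keeps the Terraform
# configuration as the record of who holds each role.
resource "aws_iam_group_membership" "role" {
  for_each = local.roles
  name     = "${each.key}-membership"
  group    = aws_iam_group.role[each.key].name
  users    = [aws_iam_user.role[each.key].name]
}

# Deliberately absent: aws_iam_user_policy and aws_iam_user_policy_attachment.
# Users get permissions only through their group, so reviewing the three group
# attachments above is enough to know what every user can do.
```

Because no policy is attached to a user directly, a code review or plan diff that introduces an `aws_iam_user_policy_attachment` is an immediate signal that the group-only model is being bypassed.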

About

Boilerplate AWS automation of IAM User Group and Policies using Terraform
