Is it possible to assign an username to a role using terraform ? The closest I've found was aws_iam_policy_attachment or aws_iam_user_policy_attachment but both of them are for attaching policies..
CodePudding user response:
AWS has terraform modules that can manage roles, but the examples for doing this are long and difficult to peal apart and understand. I have started down this rabbit hole with eks clusters, but it is a long slog. Frankly, they could do a better job of it. See https://registry.terraform.io/namespaces/terraform-aws-modules
UPDATE: I have successfully assigned IAM roles to a user using terraform using the examples provided in https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/examples/self_managed_node_group/main.tf and then mashing together lines 206-225 in https://github.com/David-Kent-Consulting/OCI_R1_0_07_apr_2020/blob/dev_OCI_updates/master/dev/Oci-AddDbSystem.py with appropriate modifications for my POC. Keep plugging away at it, the code works, if only the documentation were better......
CodePudding user response:
It's impossible to directly attach a role to a user and via terraform it will also be impossible. But as I know there is way called "assume role" and for using this we need to attach a policy to a user that gives a permission to assume the specified role. And after attaching this policy to a user the user will have permissions that is described in the role