Is it possible to assign an username to a role using terraform ? The closest I've found was aws_iam_policy_attachment or aws_iam_user_policy_attachment but both of them are for attaching policies..

CodePudding user response：

AWS has terraform modules that can manage roles, but the examples for doing this are long and difficult to peal apart and understand. I have started down this rabbit hole with eks clusters, but it is a long slog. Frankly, they could do a better job of it. See https://registry.terraform.io/namespaces/terraform-aws-modules

UPDATE: I have successfully assigned IAM roles to a user using terraform using the examples provided in https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/examples/self_managed_node_group/main.tf and then mashing together lines 206-225 in https://github.com/David-Kent-Consulting/OCI_R1_0_07_apr_2020/blob/dev_OCI_updates/master/dev/Oci-AddDbSystem.py with appropriate modifications for my POC. Keep plugging away at it, the code works, if only the documentation were better......

CodePudding user response：

It's impossible to directly attach a role to a user and via terraform it will also be impossible. But as I know there is way called "assume role" and for using this we need to attach a policy to a user that gives a permission to assume the specified role. And after attaching this policy to a user the user will have permissions that is described in the role