2023-11-01 00:02:56 +02:00
|
|
|
terraform {
|
|
|
|
|
backend "s3" {
|
|
|
|
|
profile = "terra"
|
|
|
|
|
bucket = "mytesting-tf-states"
|
|
|
|
|
key = "000000000000/iam/users_and_groups/cli_users/terraform.tfstate"
|
|
|
|
|
region = "eu-west-1"
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
locals {
|
|
|
|
|
cli_users = {
|
|
|
|
|
"ci" = {
|
|
|
|
|
name = "ci"
|
|
|
|
|
email = "ci@home.co"
|
|
|
|
|
},
|
|
|
|
|
"engine" = {
|
|
|
|
|
name = "engine"
|
|
|
|
|
email = "ci@home.co"
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#######################################
|
|
|
|
|
### creating group 1 and service users
|
|
|
|
|
#######################################
|
|
|
|
|
|
|
|
|
|
resource "aws_iam_group" "group_1" {
|
|
|
|
|
name = var.group_name
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resource "aws_iam_user" "cli_users" {
|
|
|
|
|
for_each = local.cli_users
|
|
|
|
|
|
|
|
|
|
name = each.key
|
|
|
|
|
force_destroy = false
|
2023-11-02 02:43:10 +02:00
|
|
|
|
|
|
|
|
tags = {
|
|
|
|
|
name = each.value.name,
|
|
|
|
|
email = each.value.email
|
|
|
|
|
}
|
2023-11-01 00:02:56 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resource "aws_iam_access_key" "user_access_key" {
|
|
|
|
|
for_each = local.cli_users
|
|
|
|
|
user = each.key
|
|
|
|
|
depends_on = [aws_iam_user.cli_users]
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resource "aws_iam_group_membership" "group_1" {
|
|
|
|
|
for_each = local.cli_users
|
|
|
|
|
name = aws_iam_group.group_1.name
|
|
|
|
|
|
|
|
|
|
users = [each.key]
|
|
|
|
|
group = aws_iam_group.group_1.name
|
|
|
|
|
}
|
