How to Set Up IAM Roles in AWS using Terraform


Hello Readers, in this blog we'll see how we can set up or create IAM roles in AWS using Terraform. Before starting, you must have Terraform and the AWS CLI installed on your machine, and both must be configured.

What are IAM Roles in AWS?

AWS Identity and Access Management (IAM) is a web service that you can use to securely control access to AWS resources. Use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

SO LET'S GET STARTED!

It is easy to create IAM roles using Terraform. To do so, follow these steps:

  • Go to the given URL and copy the content from the Terraform docs of aws_iam_role.
  • Open your terminal, make a directory, and under that directory make a file named iam.tf, then paste the content that you copied from the URL. (The commands below name the file roles.tf; Terraform loads every .tf file in the directory, so either name works.)

Run the following commands to do so:

cd Documents
mkdir terraform
cd terraform
mkdir aws
cd aws
nano roles.tf
  • Check your file with:
cat roles.tf
resource "aws_iam_user" "user" {
  name = "test-user"
}

resource "aws_iam_role" "role" {
  name = "test-role"

  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": "ec2.amazonaws.com"
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
}
EOF
}

resource "aws_iam_group" "group" {
  name = "test-group"
}

resource "aws_iam_policy" "policy" {
  name        = "test-policy"
  description = "A test policy"

  policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "ec2:Describe*"
      ],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}
EOF
}

resource "aws_iam_policy_attachment" "test-attach" {
  name       = "test-attachment"
  users      = [aws_iam_user.user.name]
  roles      = [aws_iam_role.role.name]
  groups     = [aws_iam_group.group.name]
  policy_arn = aws_iam_policy.policy.arn
}

  • Remember that you should have the AWS CLI on your local machine. Configure it by running the command:
aws configure
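  • Make one more file named provider.tf to give your credentials for AWS as shown below. These keys sit in the file in plain text, so keep provider.tf out of version control; since aws configure has already saved credentials to ~/.aws/credentials, the provider can also read them from there if access_key and secret_key are omitted.
provider "aws" {
  region     = "us-east-1"
  access_key = "Your_Access_Key"
  secret_key = "Your_Secret_Key"
}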

  • Now initialize the working directory by running:
terraform init
  • Now let's plan it. The plan shows what Terraform is going to create and exactly what you will get as the result.
terraform plan
  • Finally, run the command given below to apply it. You will see your IAM role being created after you answer the prompt with 'yes'.
terraform apply

So yes, we have successfully created our IAM roles using Terraform in AWS.
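A tighter variant of the role and policy from roles.tf and of provider.tf, as an added example that is not part of the original post or the Terraform docs sample. It assumes credentials come from the profile written by aws configure and covers only the role (the user and group are left out); the resource labels ec2_trust, describe and role_attach are names chosen here.

```hcl
# provider.tf: no keys in the file. The provider reads the profile written by
# `aws configure` (~/.aws/credentials) or the AWS_* environment variables.
provider "aws" {
  region = "us-east-1"
}

# Trust policy generated by a data source instead of a hand-written heredoc,
# so Terraform builds the JSON and typos in its structure fail early.
data "aws_iam_policy_document" "ec2_trust" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "role" {
  name               = "test-role"
  assume_role_policy = data.aws_iam_policy_document.ec2_trust.json
}

# Same read-only permissions as the post's test-policy.
data "aws_iam_policy_document" "describe" {
  statement {
    effect    = "Allow"
    actions   = ["ec2:Describe*"]
    resources = ["*"]
  }
}

resource "aws_iam_policy" "policy" {
  name        = "test-policy"
  description = "A test policy"
  policy      = data.aws_iam_policy_document.describe.json
}

# aws_iam_policy_attachment is exclusive: it detaches the policy from every
# user, role or group in the account that is not listed in that resource.
# The per-role resource below attaches without touching other attachments.
resource "aws_iam_role_policy_attachment" "role_attach" {
  role       = aws_iam_role.role.name
  policy_arn = aws_iam_policy.policy.arn
}
```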

Happy Learning!

Conclusion

So, in this blog we have seen, in some simple steps, how we can create IAM roles in AWS using Terraform. Thanks for being with me till the end. If you find this blog helpful, do share it with your friends.


Written by 

Ashi Dubey is a Software Intern at Knoldus Inc Software. She has a keen interest in learning new technologies. Her practice area is DevOps. When not working, you will find her with a book.