
Hello readers! In this blog we'll see how to set up IAM roles in AWS using Terraform. Before starting, you must have Terraform and the AWS CLI installed on your machine, and both must be configured.
What are IAM roles in AWS?
AWS Identity and Access Management (IAM) is a web service that you can use to securely control access to AWS resources. Use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.
SO LET'S GET STARTED!
It is easy to create IAM roles using Terraform. To do so, follow these steps:
- Go to the given URL and copy the content from the Terraform docs for aws_iam_role.
- Open your terminal, make a directory, and under that directory make a file named iam.tf (the commands below name it roles.tf; Terraform loads every .tf file in the directory, so either name works). Paste in the content that you copied from the URL.
Run the following commands to do so:
cd Documents
mkdir terraform
cd terraform
mkdir aws
cd aws
nano roles.tf



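- Check your file with:
cat roles.tf
# IAM user that will receive the policy
resource "aws_iam_user" "user" {
  name = "test-user"
}

# IAM role; assume_role_policy is the trust policy that says who may assume it
resource "aws_iam_role" "role" {
  name = "test-role"

  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": "ec2.amazonaws.com"
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
}
EOF
}

# IAM group that will receive the policy
resource "aws_iam_group" "group" {
  name = "test-group"
}

# Permissions policy: allows the read-only EC2 Describe* calls
resource "aws_iam_policy" "policy" {
  name        = "test-policy"
  description = "A test policy"

  policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "ec2:Describe*"
      ],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}
EOF
}

# Attaches the policy to the user, role and group above.
# aws_iam_policy_attachment is exclusive: any user, role or group that has
# this policy attached but is not listed here gets detached on apply.
resource "aws_iam_policy_attachment" "test-attach" {
  name       = "test-attachment"
  users      = [aws_iam_user.user.name]
  roles      = [aws_iam_role.role.name]
  groups     = [aws_iam_group.group.name]
  policy_arn = aws_iam_policy.policy.arn
}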
- Remember that you need the AWS CLI on your local machine; configure it for your AWS account by running:
aws configure
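- Make one more file named provider.tf to give your credentials for AWS:
provider "aws" {
  region = "us-east-1"

  # Placeholders only: never commit real keys to version control.
  # If these two lines are omitted, the provider falls back to the
  # credentials that `aws configure` stored on this machine.
  access_key = "Your_Access_Key"
  secret_key = "Your_Secret_Key"
}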
- Now run the init command:
terraform init



- Now let's plan it. The plan shows what Terraform is going to create and exactly what you will get as the result.
terraform plan






- Finally, run the command given below to apply it. You will see your IAM role being created after you answer the prompt with 'yes'.
terraform apply






So yes, we have successfully created our IAM role using Terraform in AWS.
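A variant of the role, policy and attachment above, added here as an example and not taken from the original post or the Terraform docs. It builds both policies with the aws_iam_policy_document data source, attaches with aws_iam_role_policy_attachment instead of the exclusive aws_iam_policy_attachment, and keeps keys out of the provider block. The resource labels and example-* names are assumptions; use it in place of the files above, not alongside them.

```hcl
# Added example; resource labels and the "example-*" names are constructed.
provider "aws" {
  region = "us-east-1"
  # No access_key/secret_key: the provider reads what `aws configure` stored.
}

# Trust policy: who may assume the role (here the EC2 service).
data "aws_iam_policy_document" "ec2_trust" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["ec2.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "ec2_role" {
  name               = "example-ec2-role"
  assume_role_policy = data.aws_iam_policy_document.ec2_trust.json
}

# Permissions policy: what the role may do once it has been assumed.
data "aws_iam_policy_document" "describe" {
  statement {
    effect    = "Allow"
    actions   = ["ec2:Describe*"]
    resources = ["*"]
  }
}

resource "aws_iam_policy" "describe" {
  name        = "example-describe-policy"
  description = "Read-only EC2 describe calls"
  policy      = data.aws_iam_policy_document.describe.json
}

# Non-exclusive attachment: manages only this one role/policy pair.
resource "aws_iam_role_policy_attachment" "describe" {
  role       = aws_iam_role.ec2_role.name
  policy_arn = aws_iam_policy.describe.arn
}

# EC2 instances receive a role through an instance profile.
resource "aws_iam_instance_profile" "ec2_profile" {
  name = "example-ec2-profile"
  role = aws_iam_role.ec2_role.name
}
```

Because the policy documents are data sources, a malformed statement fails at terraform plan rather than when AWS rejects the JSON during apply.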
Happy Learning!
Conclusion
So, in this blog we have seen in a few simple steps how to create IAM roles in AWS using Terraform. Thanks for being with me till the end. If you find this blog helpful, do share it with your friends.