Home

Awesome

Modernisation Platform Terraform Cross Account Access Module

Standards Icon Format Code Icon Scorecards IconSCA Icon Terraform SCA Icon

A simple Terraform module to configure an IAM role that is assumable from another account.

Usage

module "cross-account-access" {
  source     = "github.com/ministryofjustice/modernisation-platform-terraform-cross-account-access"
  account_id = "123456789"
  policy_arn = "arn:aws:iam::aws:policy/ReadOnlyAccess"
  role_name  = "CrossAccountAccess"
}
<!-- BEGIN_TF_DOCS -->

Requirements

NameVersion
<a name="requirement_terraform"></a> terraform>=1.0.1
<a name="requirement_aws"></a> aws~> 5.0

Providers

NameVersion
<a name="provider_aws"></a> aws~> 5.0

Modules

No modules.

Resources

NameType
aws_iam_role.defaultresource
aws_iam_role_policy_attachment.defaultresource
aws_iam_policy_document.assume-role-policydata source
aws_iam_policy_document.combined-assume-role-policydata source

Inputs

NameDescriptionTypeDefaultRequired
<a name="input_account_id"></a> account_idAccount ID to give access tostringn/ayes
<a name="input_additional_trust_roles"></a> additional_trust_rolesARN of other roles to be passed as principals for sts:AssumeRolelist(string)[]no
<a name="input_additional_trust_statements"></a> additional_trust_statementsJson attributes of additional iam policy documents to add to the trust policylist(string)[]no
<a name="input_policy_arn"></a> policy_arnPolicy ARN for the assumable role. Defaults to arn:aws:iam::aws:policy/ReadOnlyAccessstring"arn:aws:iam::aws:policy/ReadOnlyAccess"no
<a name="input_role_name"></a> role_nameName of assumable rolestringn/ayes

Outputs

NameDescription
<a name="output_role_arn"></a> role_arnn/a
<!-- END_TF_DOCS -->

Looking for issues?

If you're looking to raise an issue with this module, please create a new issue in the Modernisation Platform repository.