Skip to content

aws-samples/terraform-aws-identity-center-users-and-groups

BranchesTags

Repository files navigation

terraform-aws-identity-center-users-and-groups

Create AWS IAM Identity Center groups, users, and group membership with Terraform.

This pattern is twinned with terraform-aws-identity-center.

Module Inputs

module "idc_users_and_groups" {
  source  = "aws-samples/identity-center-users-and-groups/aws"
  version = "1.0.0"
  groups  = "./groups.yml"
  users   = "./users.yml"
}

Groups, users, and group membership are defined using yaml templates. The module then handles the heavy lifting.

Example groups.yml and users.yml .

Permission sets and account assignments

This pattern does not create permission sets and account assignments. If you want to do this, use this pattern: terraform-aws-identity-center.

We have deliberately segregated the two patterns:

  • You may be using an external IdP
  • You may be planning to use an external IdP and want to build a pattern that can be de-coupled in the future
  • At scale, any explicit or implicit dependencies (depends_on) between account assignments and group membership can have unintended consequences.
    • Example: with a dependency, adding a user to a group can cause terraform to refresh all account assignments that feature that group (into the 100s or 1000s depending on the scale of your AWS Organization).

Related Resources

Security

See CONTRIBUTING for more information.

License

This library is licensed under the MIT-0 License. See the LICENSE file.

About

Create AWS IAM Identity Center groups, users, and group membership with Terraform.

Topics

aws identity terraform sso identitycenter

Resources

Readme

License

MIT-0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

8 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

1.0.0 Latest
Jun 20, 2024

Contributors 3

  •  
  •  
  •  

Languages