Terraform: AWS: Role for Cross-Account Access support

Created on 15 Aug 2016  ยท  3Comments  ยท  Source: hashicorp/terraform

Any idea if and when AWS: Role for Cross-Account Access" in Terraform's IAM resource "aws_iam_role" will be supported in Terraform???

provideaws question
Source
picture pdakhane

Most helpful comment

This is currently supported. We use it extensively in an MSP environment. You simply create an IAM role, and assign the appropriate assume_role_policy.

resource "aws_iam_role" "MSPAdmin" {
  name = "MSP-Admin"
  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": {
    "Effect": "Allow",
    "Principal": {
      "AWS": "arn:aws:iam::ACCOUNT_NUMBER_HERE:root"
    },
    "Action": "sts:AssumeRole"
  }
}
EOF
}
picture geekifier on 16 Aug 2016
👍18

All 3 comments

This is currently supported. We use it extensively in an MSP environment. You simply create an IAM role, and assign the appropriate assume_role_policy.

resource "aws_iam_role" "MSPAdmin" {
  name = "MSP-Admin"
  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": {
    "Effect": "Allow",
    "Principal": {
      "AWS": "arn:aws:iam::ACCOUNT_NUMBER_HERE:root"
    },
    "Action": "sts:AssumeRole"
  }
}
EOF
}
geekifier picture geekifier on 16 Aug 2016
👍18

Closing since @geekifier is a hero.

mitchellh picture mitchellh on 17 Aug 2016
👍2 🎉1

I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

hashibot[bot] picture hashibot[bot] on 23 Apr 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

shanmugakarna picture shanmugakarna  ยท  3Comments
zeninfinity picture zeninfinity  ยท  3Comments
rjinski picture rjinski  ยท  3Comments
c4milo picture c4milo  ยท  3Comments
rjinski picture rjinski  ยท  3Comments