AWS terraform user to use pipeline

  1. Create a user with minimum permissions
  2. Create a role with Administrator access
  3. Add Trust Relationship for that user
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::11111111:user/terraform_user"
      },
      "Action": "sts:AssumeRole",
      "Condition": {}
    }
  ]
}

keep in mind, that root means all users in the AWS account

4. Add attached polity to user

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": "sts:AssumeRole",
            "Resource": "arn:aws:iam::11111111:role/terraform_role"
        }
    ]
}

Eventually, you can use that role to deploy all appropriate resources in the entire account.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Design a site like this with WordPress.com
Get started