Gruntwork
Creation of group with an specific role assigned - Best practices for Ref Arch #212
-
|
Hi, We want to create a new group to access some specific resources (cloudwatch logs) in some of our accounts (dev/staging). What would be the recommended way to create a group with those requirements that can be assigned to a user in the security account with cross-account access? Thanks. |
Beta Was this translation helpful? Give feedback.
Answered by
yorinasub17
Feb 22, 2022
Replies: 1 comment
-
|
The best way to create this group is to use the custom-iam-entity module directly. E.g., you can add a new terragrunt config in terraform {
source = "git::[email protected]:gruntwork-io/terraform-aws-security.git//modules/custom-iam-entity?ref=v0.61.0"
}
inputs = {
should_require_mfa = false
should_create_iam_group = true
iam_group_name = "TODO: name of IAM Group"
iam_policy_arns = ["LIST", "OF", "IAM_POLICIES", "TO", "ATTACH"]
} |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
yorinasub17
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The best way to create this group is to use the custom-iam-entity module directly.
E.g., you can add a new terragrunt config in
infrastructure-livethat looks like the following: