Create IAM roles for a Serverless API:
- IAM Role for Serverless + CloudFormation
- Deployer IAM User for GitHub to invoke
serverless deploy(Same privileges as the IAM Role for Serverless) - Access Key and Secret Key for the Deployer IAM user
module "aws_iam" {
source = "scaffoldly/serverless-api-iam/aws"
repository_name = module.repository.name
depends_on = [
module.repository
]
}| Name | Version |
|---|---|
| terraform | >= 1.0.0, < 1.1.0 |
| Name | Version |
|---|---|
| aws | 3.54.0 |
No modules.
| Name | Type |
|---|---|
| aws_iam_access_key.access_key | resource |
| aws_iam_role.cloudformation | resource |
| aws_iam_user.user | resource |
| aws_iam_user_policy.assume_cloudformation_role | resource |
| aws_iam_user_policy.policy | resource |
| aws_iam_policy_document.assume_cloudformation_role | data source |
| aws_iam_policy_document.cloudformation | data source |
| aws_iam_policy_document.deployer | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| repository_name | The repository name for the Serverless API (role names are prefixed with this for service-level isololation of privileges) | string |
n/a | yes |
| Name | Description |
|---|---|
| deployer_access_key | The AWS Access Key that can be used for deploys |
| deployer_secret_key | The AWS Secret Key that can be used for deploys |