Attache different policies to different users

woody · July 30, 2021, 4:26am

I have an aws_iam_user resource that creates users:

variable "users_list" {
  default = [
    "user1",
    "user2",
    "user3"
  ]
}

resource "aws_iam_user" "users" {
  count = length(var.users_list)
  name = "${var.platform}_${element(var.users_list, count.index)}
}

Policies

resource "aws_iam_user_policy" "db_access" {

  count = length(aws_iam_user.users)
  user = element(aws_iam_user.users[*].name, count.index)

  name = "test1"

  policy = <<EOF
...
EOF
}

resource "aws_iam_user_policy" "ec2_access" {

  count = length(aws_iam_user.users)
  user = element(aws_iam_user.users[*].name, count.index)

  name = "test2"

  policy = <<EOF
...
EOF
}

This way I can assign all these policies to all users

But for example, user1 can have db_access and ec2_access , but user3 could have only db_access

Is there any way to do this in terraform?

Topic		Replies	Views
Attache different multiple policies to multiple users with for_each Terraform	5	4546	December 13, 2019
Create IAM users by Terraform AWS hcp-terraform	0	224	August 17, 2022
Count and for_each doesn't go hand in hand Terraform	1	846	January 25, 2023
Creating dynamic IAM policy by populating the list of resources being created in policy JSON Terraform	1	2041	July 22, 2021
Using for_each with resources that haven't been created yet Terraform	1	1501	October 2, 2021

Attache different policies to different users

Related topics