Terraform for AWS accounts

Hi, I manage multiple AWS accounts within my organization and run workflows using Terraform. Currently, I create and manage Terraform IdPs and roles in each account, which I use to deploy resources.

I am looking for best practices or alternative approaches to avoid creating individual IdPs and roles in each account. Is there a way to manage resources across multiple AWS accounts more efficiently using Terraform?

Any advice or examples would be greatly appreciated!

Thanks in advance.

What’s the reason to have individual IdPs in each account? For a corporate-wide landing zone, you would typically have one IdP with IAM Identity Center configured for SSO.

Either way, you can perhaps get some inspiration from the blog post Terraform AWS Provider — Everything you need to know about Multi-Account Authentication and Configuration, which I found quite helpful in the past.

Hope this helps.

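The layout the reply points at, written out as an added example (not code from either poster or from the linked blog post): a single OIDC IdP and a hub role in one account, a `terraform-deploy` role in each member account whose trust policy admits only that hub role, and aliased AWS providers that chain from the hub credentials into each member role. Account IDs, region, the GitHub Actions issuer, the repository name, role names and the ExternalId are all assumptions.

```hcl
# Added example (not from the thread): one OIDC IdP in a hub account, a deploy
# role in each member account that trusts only the hub role, and aliased AWS
# providers that assume those roles. IDs, region, repo and names are assumptions.

locals {
  dev_account_id = "222222222222" # assumption; repeat the member blocks per account
}

# Default provider = hub account. Its credentials come from the CI job's OIDC
# token (AWS_ROLE_ARN + AWS_WEB_IDENTITY_TOKEN_FILE) or from an SSO session.
provider "aws" {
  region = "eu-west-1"
}

# The only OIDC IdP in the estate (GitHub Actions issuer assumed).
resource "aws_iam_openid_connect_provider" "ci" {
  url             = "https://token.actions.githubusercontent.com"
  client_id_list  = ["sts.amazonaws.com"]
  thumbprint_list = ["0000000000000000000000000000000000000000"] # placeholder
}

# Hub role trust: audience pinned, subject pinned to one repo and branch.
data "aws_iam_policy_document" "hub_trust" {
  statement {
    actions = ["sts:AssumeRoleWithWebIdentity"]
    principals {
      type        = "Federated"
      identifiers = [aws_iam_openid_connect_provider.ci.arn]
    }
    condition {
      test     = "StringEquals"
      variable = "token.actions.githubusercontent.com:aud"
      values   = ["sts.amazonaws.com"]
    }
    condition {
      test     = "StringEquals"
      variable = "token.actions.githubusercontent.com:sub"
      values   = ["repo:example-org/infra:ref:refs/heads/main"] # assumption
    }
  }
}

resource "aws_iam_role" "hub" {
  name               = "terraform-hub"
  assume_role_policy = data.aws_iam_policy_document.hub_trust.json
}

# The hub role itself may only assume the deploy role, not arbitrary roles.
resource "aws_iam_role_policy" "hub_assume" {
  role = aws_iam_role.hub.id
  policy = jsonencode({
    Version   = "2012-10-17"
    Statement = [{ Effect = "Allow", Action = "sts:AssumeRole",
                   Resource = "arn:aws:iam::*:role/terraform-deploy" }]
  })
}

# Member deploy role trust: only the hub role, and only with the ExternalId.
data "aws_iam_policy_document" "member_trust" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "AWS"
      identifiers = [aws_iam_role.hub.arn]
    }
    condition {
      test     = "StringEquals"
      variable = "sts:ExternalId"
      values   = ["tf-deploy"] # assumption
    }
  }
}

# Bootstrap provider: assumes the role AWS Organizations creates in member
# accounts, used once to plant the deploy role. No IdP is created there.
provider "aws" {
  alias  = "dev_bootstrap"
  region = "eu-west-1"
  assume_role {
    role_arn = "arn:aws:iam::${local.dev_account_id}:role/OrganizationAccountAccessRole"
  }
}

resource "aws_iam_role" "dev_deploy" {
  provider           = aws.dev_bootstrap
  name               = "terraform-deploy"
  assume_role_policy = data.aws_iam_policy_document.member_trust.json
}

# Day-to-day provider for dev: hub credentials chain into the deploy role.
# Resources target dev by setting `provider = aws.dev`.
provider "aws" {
  alias  = "dev"
  region = "eu-west-1"
  assume_role {
    role_arn     = "arn:aws:iam::${local.dev_account_id}:role/terraform-deploy"
    external_id  = "tf-deploy" # must match member_trust
    session_name = "terraform-dev"
  }
}
```

Two practical notes. The `aws.dev` provider runs its `assume_role` while Terraform configures providers, before any resource is applied, so `terraform-deploy` has to exist first: plant it with a targeted apply of the bootstrap resources (or keep them in a separate bootstrap configuration) and only then add the day-to-day alias. And the security value of this shape comes from the trust boundaries, not from the aliases themselves: the hub role's `sub` condition is what stops a token from another repository or a pull-request branch from reaching your accounts, and the `sts:ExternalId` plus the explicit hub-role principal is what stops any other identity in the hub account from assuming the member role.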