Fred Damstra
87ac71ad57
Adds support for a "DISABLED" file to skip select modules
|
4 gadi atpakaļ | |
|---|---|---|
| .. | ||
| .tfswitch.toml | 4 gadi atpakaļ | |
| DISABLED | 4 gadi atpakaļ | |
| README.md | 5 gadi atpakaļ | |
| common-locals.tf | 5 gadi atpakaļ | |
| main.tf | 5 gadi atpakaļ | |
| provider.tf | 5 gadi atpakaļ | |
| terraform.tfstate | 5 gadi atpakaļ | |
| version.tf | 5 gadi atpakaļ | |
README.md
README
The CAMRS folks that manage the AFS AWS accounts/organization manage the AWS root account. They create for us a somewhat nerfed user they've been naming "MDRAdmin".
This chunk of terraform adds a policy for MDRAdmin that gives them enough rights to be able to create the S3 bucket for terraform state and the dynamodb table for terraform locking.
This has to be run before state buckets can be created obviously, but I don't expect it to run often. Like, literally during initial account setup and that's probably it.
You'll need working AWS account credentials. Set AWS_PROFILE
to the correct profile name. Also, you may want to set
AWS_SDK_LOAD_CONFIG=1 in order to make the AWS Golang SDK
read $HOME/.aws/config