Usage

Creates IAM Billing Roles that can be assumed for billing operations.

Read the more about IAM Tutorial: Delegate access to the billing console

module "billing_roles" {
  source = "dod-iac/iam-billing-roles/aws"

  tags = {
    Application = var.application
    Environment = var.environment
    Automation  = "Terraform"
  }
}

Terraform Version

Terraform 0.13. Pin module version to ~> 1.0.0 . Submit pull-requests to master branch.

Terraform 0.11 and 0.12 are not supported.

License

This project constitutes a work of the United States Government and is not subject to domestic copyright protection under 17 USC § 105. However, because the project utilizes code licensed from contributors and other third parties, it therefore is licensed under the MIT License. See LICENSE file for more information.

Requirements

Name	Version
terraform	>= 0.13
aws	~> 3.0

Providers

Name	Version
aws	~> 3.0

Modules

No Modules.

Resources

Name
aws_caller_identity
aws_iam_group
aws_iam_group_membership
aws_iam_group_policy_attachment
aws_iam_policy
aws_iam_policy_document
aws_iam_role
aws_iam_role_policy_attachment
aws_iam_user
aws_partition
aws_region

Inputs

Name	Description	Type	Default	Required
billing_full_access_users	The list of IAM users to assign to billing-full-access	list(string)	[]	no
billing_view_access_users	The list of IAM users to assign to billing-view-access	list(string)	[]	no
tags	Tags applied to the IAM resources.	map(string)	{}	no

Outputs

Name	Description
billing_full_access_group_arn	The Amazon Resource Name (ARN) of the billing-full-access group.
billing_full_access_role_arn	The Amazon Resource Name (ARN) of the billing-full-access role.
billing_view_access_group_arn	The Amazon Resource Name (ARN) of the billing-view-access group.
billing_view_access_role_arn	The Amazon Resource Name (ARN) of the billing-view-access role.