Lab 39: Role Variable Setup Using Terraform

The Nautilus DevOps team is automating IAM role creation using Terraform to streamline permissions management. As part of this task, they need to create an IAM role with specific requirements.

For this task, create an AWS IAM role using Terraform with the following requirements:

  1. The IAM role name iamrole_mariyam should be stored in a variable named KKE_iamrole.

Note:

    1. The configuration values should be stored in a variables.tf file.
    2. The Terraform script should be structured with a main.tf file referencing variables.tf.
  1. The Terraform working directory is /home/bob/terraform.

  2. Right-click under the EXPLORER section in VS Code and select Open in Integrated Terminal to launch the terminal.

# /home/bob/terraform/variables.tf

# Variable to store the IAM role name as required by the task
variable "KKE_iamrole" {
  description = "The name for the IAM role"
  type        = string
  # The default value is set to the required role name: iamrole_mariyam
  default     = "iamrole_mariyam"
}

# /home/bob/terraform/main.tf

resource "aws_iam_role" "mariyam_role" {
  # Role name is retrieved from the variable KKE_iamrole
  name = var.KKE_iamrole

  # Trust policy: only the EC2 service may assume this role
  assume_role_policy = jsonencode({
    Version = "2012-10-17",
    Statement = [
      {
        Action = "sts:AssumeRole",
        Effect = "Allow",
        Principal = {
          Service = "ec2.amazonaws.com"
        },
      },
    ],
  })

  # Optional: Define tags for the role
  tags = {
    Automation = "Terraform-DevOps"
    Project    = "Nautilus"
  }
}

# Optional: Output the ARN of the created role for verification
output "iam_role_arn" {
  description = "The ARN of the newly created IAM role"
  value       = aws_iam_role.mariyam_role.arn
}
# Commands to run in the integrated terminal, from /home/bob/terraform
terraform init
# Apply directly, without a separate plan step or the interactive approval prompt
terraform apply -auto-approve
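
Because `-auto-approve` skips the interactive plan review, the role's name and trust policy can be checked from a saved plan first. This is an added example, not part of the original lab: it assumes the plan was written with `terraform plan -out=plan.out` and exported with `terraform show -json plan.out`; `audit_plan`, `allowed_services` and the sample JSON are constructed for illustration.

```python
import json

# Constructed sample: the shape of `terraform show -json plan.out` for this
# lab's main.tf (only the fields the check reads are included).
SAMPLE_PLAN = json.dumps({
    "variables": {"KKE_iamrole": {"value": "iamrole_mariyam"}},
    "resource_changes": [{
        "address": "aws_iam_role.mariyam_role",
        "type": "aws_iam_role",
        "change": {"actions": ["create"], "after": {
            "name": "iamrole_mariyam",
            "assume_role_policy": json.dumps({
                "Version": "2012-10-17",
                "Statement": [{"Action": "sts:AssumeRole", "Effect": "Allow",
                               "Principal": {"Service": "ec2.amazonaws.com"}}],
            }),
        }},
    }],
})

def _as_list(value):
    # IAM policy JSON allows a single item or a list in several places.
    return value if isinstance(value, list) else [value]

def audit_plan(plan_json, allowed_services=("ec2.amazonaws.com",)):
    """Return findings for every aws_iam_role the plan creates or updates."""
    plan = json.loads(plan_json)
    expected = plan.get("variables", {}).get("KKE_iamrole", {}).get("value")
    findings = []
    for rc in plan.get("resource_changes", []):
        after = rc["change"].get("after") or {}  # None when the role is deleted
        if rc["type"] != "aws_iam_role" or not after:
            continue
        addr = rc["address"]
        if after.get("name") != expected:
            findings.append(f"{addr}: name {after.get('name')!r} != var.KKE_iamrole")
        raw = after.get("assume_role_policy")
        if not raw:  # value not known until apply, so it cannot be reviewed here
            findings.append(f"{addr}: trust policy not known at plan time")
            continue
        for stmt in _as_list(json.loads(raw).get("Statement", [])):
            principal = stmt.get("Principal")
            if stmt.get("Effect") != "Allow":
                continue
            # A bare "*" principal is normalised to the mapping form.
            items = {"AWS": "*"} if principal == "*" else (principal or {})
            for kind, values in items.items():
                for p in _as_list(values):
                    if kind != "Service" or p not in allowed_services:
                        findings.append(f"{addr}: unexpected {kind} principal {p!r}")
    return findings
```

An empty list means the planned role uses the name from `KKE_iamrole` and is assumable only by the services in `allowed_services`.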