Feature | management/global/base-identities Marketplace & AWS IQ user…

…s updated (#525) management/global/base-identities Marketplace & AWS IQ users updated
binbashar · Aug 17, 2023 · ccc5bd9 · ccc5bd9
1 parent d2aa159
commit ccc5bd9
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 3 deletions.
diff --git a/management/global/base-identities/config.tf b/management/global/base-identities/config.tf
@@ -10,7 +10,7 @@ provider "aws" {
 # Backend Config (partial)    #
 #=============================#
 terraform {
-  required_version = "~> 1.2.7"
+  required_version = "~> 1.3.0"
 
   required_providers {
     aws = "~> 4.10"

diff --git a/management/global/base-identities/groups.tf b/management/global/base-identities/groups.tf
@@ -11,7 +11,6 @@ module "iam_group_admins" {
     module.user["exequiel.barrirero"].iam_user_name,
     module.user["jose.peinado"].iam_user_name,
     module.user["luis.gallardo"].iam_user_name,
-    module.user["marcos.pagnucco"].iam_user_name
   ]
 
   custom_group_policy_arns = [
@@ -32,3 +31,18 @@ module "iam_group_finops" {
     "arn:aws:iam::aws:policy/job-function/ViewOnlyAccess",
   ]
 }
+
+module "iam_group_aws_iq" {
+  source = "github.com/binbashar/terraform-aws-iam.git//modules/iam-group-with-policies?ref=v5.9.2"
+  name   = "aws_iq_root_org"
+
+  group_users = [
+    module.user["emiliano.brest"].iam_user_name,
+    module.user["marcos.pagnucco"].iam_user_name
+  ]
+
+  custom_group_policy_arns = [
+    "arn:aws:iam::aws:policy/AWSIQFullAccess",
+    "arn:aws:iam::aws:policy/AWSMarketplaceSellerFullAccess"
+  ]
+}
diff --git a/management/global/base-identities/groups_policies.tf b/management/global/base-identities/groups_policies.tf
@@ -23,4 +23,4 @@ resource "aws_iam_policy" "assume_oaar_role" {
     ]
   }
   EOF
-}
+}
diff --git a/management/global/base-identities/locals.tf b/management/global/base-identities/locals.tf
@@ -7,6 +7,7 @@ locals {
   users = [
     "angelo.fenoglio",
     "diego.ojeda",
+    "emiliano.brest",
     "exequiel.barrirero",
     "jose.peinado",
     "luis.gallardo",
-Original file line number
+Diff line change
@@ Expand Up / @@ -23,4 +23,4 @@ resource "aws_iam_policy" "assume_oaar_role" { @@
         ]
       }
       EOF
-    }
+    }