feat: iam modules (#4)

* iam modules

* chore: Update terraform docs

* Update examples/iam/cloudfront-invalidation/versions.tf

Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

* chore: Update terraform docs

* Update examples/iam/cloudfront-invalidation/versions.tf

Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

* Update examples/iam/developers/versions.tf

Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

* Update examples/iam/ecr-pull-push/versions.tf

Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

* chore: Update terraform docs

* Update examples/iam/ecr-pull-push/versions.tf

Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

* Update modules/iam/ecs-deploy/versions.tf

Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

* Update modules/iam/s3-read-write/versions.tf

Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

* Update modules/iam/secrets-manager/versions.tf

Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

* chore: Update terraform docs

* Update modules/iam/user-with-access-key/versions.tf

Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

* chore: Update terraform docs

* add aws provider

* chore: Update terraform docs

* Update examples/iam/ecs-deploy/versions.tf

Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

* Update examples/iam/ecs-deploy/versions.tf

Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

* chore: Update terraform docs

* fix:paths

* chore: Update terraform docs

* feat: Unify versionign

* chore: Update terraform docs

* fix:paths

* chore: Update terraform docs

* fix: module name

* chore: Update terraform docs

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Bartłomiej Wójtowicz <[email protected]>

examples/iam/developers/README.md

@@ -0,0 +1,14 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_secrets"></a> [secrets](#module\_secrets) | ../../../modules/iam/developers | n/a |
+<!-- END_TF_DOCS -->

examples/iam/developers/main.tf

@@ -0,0 +1,5 @@
+module "secrets" {
+  source = "../../../modules/iam/developers"
+
+  users = ["[email protected]"]
+}

examples/iam/developers/versions.tf

@@ -0,0 +1,14 @@
+terraform {
+  required_version = "~> 1.0"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.0"
+    }
+  }
+}
+
+provider "aws" {
+  region = "eu-central-1"
+}

examples/iam/ecr-pull-push/README.md

@@ -0,0 +1,41 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 3.70.0 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_aws_iam_ecr_policy"></a> [aws\_iam\_ecr\_policy](#module\_aws\_iam\_ecr\_policy) | ../../../modules/iam/ecr-pull-push | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_ecr_repository.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository) | resource |
+| [aws_iam_access_key.pull](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key) | resource |
+| [aws_iam_access_key.push](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key) | resource |
+| [aws_iam_user.pull](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user) | resource |
+| [aws_iam_user.push](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user) | resource |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_ecr_registry_id"></a> [ecr\_registry\_id](#output\_ecr\_registry\_id) | n/a |
+| <a name="output_ecr_repository_url"></a> [ecr\_repository\_url](#output\_ecr\_repository\_url) | n/a |
+| <a name="output_iam_pull_user_id"></a> [iam\_pull\_user\_id](#output\_iam\_pull\_user\_id) | n/a |
+| <a name="output_iam_pull_user_secret"></a> [iam\_pull\_user\_secret](#output\_iam\_pull\_user\_secret) | n/a |
+| <a name="output_iam_push_user_id"></a> [iam\_push\_user\_id](#output\_iam\_push\_user\_id) | n/a |
+| <a name="output_iam_push_user_secret"></a> [iam\_push\_user\_secret](#output\_iam\_push\_user\_secret) | n/a |
+<!-- END_TF_DOCS -->

examples/iam/ecr-pull-push/main.tf

@@ -0,0 +1,57 @@
+resource "aws_ecr_repository" "this" {
+  name = "aws-iam-ecr"
+
+  image_scanning_configuration {
+    scan_on_push = true
+  }
+}
+
+output "ecr_registry_id" {
+  value = aws_ecr_repository.this.registry_id
+}
+
+output "ecr_repository_url" {
+  value = aws_ecr_repository.this.repository_url
+}
+
+resource "aws_iam_user" "pull" {
+  name = "ecr-pull"
+}
+
+resource "aws_iam_access_key" "pull" {
+  user = aws_iam_user.pull.name
+}
+
+output "iam_pull_user_id" {
+  value = aws_iam_access_key.pull.id
+}
+
+output "iam_pull_user_secret" {
+  value     = aws_iam_access_key.pull.secret
+  sensitive = true
+}
+
+resource "aws_iam_user" "push" {
+  name = "ecr-push"
+}
+
+resource "aws_iam_access_key" "push" {
+  user = aws_iam_user.push.name
+}
+
+output "iam_push_user_id" {
+  value = aws_iam_access_key.push.id
+}
+
+output "iam_push_user_secret" {
+  value     = aws_iam_access_key.push.secret
+  sensitive = true
+}
+
+module "aws_iam_ecr_policy" {
+  source      = "../../../modules/iam/ecr-pull-push"
+  name_prefix = "aws-iam"
+  ecr_arn     = aws_ecr_repository.this.arn
+  pull_users  = [aws_iam_user.pull.name]
+  push_users  = [aws_iam_user.push.name]
+}

examples/iam/ecr-pull-push/versions.tf

@@ -0,0 +1,13 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.0"
+    }
+  }
+  required_version = "~> 1.0"
+}
+
+provider "aws" {
+  region = "eu-central-1"
+}

examples/iam/ecs-deploy/README.md

@@ -0,0 +1,40 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 3.70.0 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_aws_iam_ecs_policy"></a> [aws\_iam\_ecs\_policy](#module\_aws\_iam\_ecs\_policy) | ../../../modules/iam/ecs-deploy | n/a |
+| <a name="module_ecs_cluster"></a> [ecs\_cluster](#module\_ecs\_cluster) | Selleo/backend/aws//modules/ecs-cluster | n/a |
+| <a name="module_ecs_service"></a> [ecs\_service](#module\_ecs\_service) | Selleo/backend/aws//modules/ecs-service | n/a |
+| <a name="module_lb"></a> [lb](#module\_lb) | Selleo/backend/aws//modules/load-balancer | n/a |
+| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_alb_listener.http](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/alb_listener) | resource |
+| [aws_iam_access_key.ecs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_access_key) | resource |
+| [aws_iam_user.ecs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_user) | resource |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_ecs_cluster_id"></a> [ecs\_cluster\_id](#output\_ecs\_cluster\_id) | n/a |
+| <a name="output_iam_user_id"></a> [iam\_user\_id](#output\_iam\_user\_id) | n/a |
+| <a name="output_iam_user_secret"></a> [iam\_user\_secret](#output\_iam\_user\_secret) | n/a |
+<!-- END_TF_DOCS -->