mirror of
https://github.com/ghndrx/terraform-foundation.git
synced 2026-02-10 06:45:06 +00:00
Enterprise-grade multi-tenant AWS cloud foundation.
Modules:
- GitHub OIDC for keyless CI/CD authentication
- IAM account settings and security baseline
- AWS Config Rules for compliance
- ABAC (Attribute-Based Access Control)
- SCPs (Service Control Policies)
Features:
- Multi-account architecture
- Cost optimization patterns
- Security best practices
- Comprehensive documentation
Tech: Terraform, AWS Organizations, IAM Identity Center
identity-center
Terraform module for AWS landing zone pattern.
Configure AWS IAM Identity Center (formerly AWS SSO).
Planned Features
- Default permission sets (Admin, PowerUser, ReadOnly, Billing)
- Custom permission sets with managed + inline policies
- Group-to-account assignments
- SCIM provisioning setup
- MFA enforcement
- Session duration policies
Planned Usage
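```hcl
module "identity_center" {
  source = "../modules/identity-center"

  # Create the default permission sets listed under Planned Features.
  default_permission_sets = true

  # Custom permission sets, keyed by permission set name.
  permission_sets = {
    DatabaseAdmin = {
      description      = "Database administration access"
      session_duration = "PT8H" # ISO 8601 duration: 8 hours
      managed_policies = ["arn:aws:iam::aws:policy/AmazonRDSFullAccess"]
    }
  }

  # Assign an Identity Center group to a permission set in each listed account.
  group_assignments = {
    admins_prod = {
      group_name     = "AWS-Admins"
      permission_set = "AdministratorAccess"
      account_ids    = ["111111111111", "222222222222"]
    }
  }
}
```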