add in users module

Author: zachrundle

main.tf

@@ -12,4 +12,20 @@ module "eks" {
 
   subnet_ids               = module.network.private_subnet_ids
   control_plane_subnet_ids = module.network.private_subnet_ids
+}
+
+module "permission_sets" {
+  source = "./modules/iam_identity_center"
+
+  permission_sets = [
+    {
+      name               = "AdministratorAccess",
+      description        = "Allow full access to the account",
+      relay_state        = "",
+      session_duration   = "",
+      tags               = {},
+      inline_policy      = "",
+      policy_attachments = ["arn:aws:iam::aws:policy/AdministratorAccess"]
+      customer_managed_policy_attachments = []
+    }]
 }

modules/iam_identity_center/variables.tf

@@ -1,7 +1,3 @@
-variable "aws_account" {
-  description = "Account number to create aws resources in. This variable should be defined in the terraform cloud workspace settings"
-}
-
 variable "permission_sets" {
   type = list(object({
     name               = string

modules/iam_identity_users/main.tf

@@ -0,0 +1,19 @@
+data "aws_ssoadmin_instances" "this" {}
+
+
+
+resource "aws_identitystore_user" "this" {
+  identity_store_id = tolist(data.aws_ssoadmin_instances.this.identity_store_ids)[0]
+
+  display_name = format("%s %s", each.value.first_name, each.value.last_name)
+  user_name    = format("%s%s", substr(lower(each.value.first_name), 0, 1), lower(each.value.last_name))
+
+  name {
+    given_name  = each.value.first_name
+    family_name = each.value.last_name
+  }
+
+  emails {
+    value = join("@", [format("%s.%s", lower(each.value.first_name), lower(each.value.last_name)), var.email_domain])
+  }
+}

modules/iam_identity_users/variables.tf

@@ -0,0 +1,13 @@
+variable "users" {
+  description = "Map of user identifiers to user details including their team."
+  type = map(object({
+    first_name = string
+    last_name  = string
+  }))
+}
+
+variable "email_domain" {
+    description = "Domain of the company"
+    type = string
+    default = "example.com"
+}

users.tf

@@ -0,0 +1,13 @@
+module "users" {
+  source           = "./modules/iam_identity_users"
+  users = {
+    "user" = {
+      first_name = "Zach"
+      last_name   = "Rundle"
+    },
+    "user" = {
+      first_name = "Maverick"
+      last_name   = "Dog"
+    },
+  }
+}