
Step-by-Step Guide: Installing Terraform on an EC2 Instance and Managing IAM Resources


Introduction:

In this blog, we will walk through the process of managing IAM resources using Terraform. IAM (Identity and Access Management) in AWS enables you to manage user access and permissions for various AWS services. By leveraging Terraform's infrastructure as code capabilities, we can define and provision IAM users, groups, and policies in a repeatable and scalable manner. Follow this step-by-step guide to learn how to create and destroy IAM resources using Terraform.

Tasks:
  1. Create IAM User
  2. Create IAM Group
  3. Add User to the Group
  4. Create IAM Policy
  5. Attach IAM Policy to the Group

Step 1: Launch an EC2 instance

Step 2: Attach an IAM role to the EC2 instance. Terraform running on the instance will use this role's credentials, so the role must allow the IAM actions the configuration performs.

Step 3: Connect to the EC2 instance (for example over SSH)

Step 4: Install Terraform

  1. Download Terraform onto the EC2 instance. The release archives are listed on the official Terraform website (https://www.terraform.io/downloads.html).

    Now, unzip the downloaded file.

    Move the Terraform binary to a system directory (this needs root, hence sudo) and confirm the install.

     wget https://releases.hashicorp.com/terraform/1.5.2/terraform_1.5.2_linux_amd64.zip
     ls
     unzip terraform_1.5.2_linux_amd64.zip
     sudo mv terraform /bin/
     terraform version
    

  2. Now, create a configuration file. I am giving it the name iam_resources.tf here. You can choose any name, but the extension must be .tf.

     # Provider configuration. IAM is a global service, but the AWS provider still
     # needs a region; us-east-1 is only an example, use the one your account works in.
     provider "aws" {
       region = "us-east-1"
     }
    
     # Create IAM User
     resource "aws_iam_user" "raj_user" {
       name = "raj_user"
     }
    
     # Create IAM Group
     resource "aws_iam_group" "asale_group" {
       name = "asale_group"
     }
    
     # Add User to the Group
     resource "aws_iam_user_group_membership" "asale_member" {
       user   = aws_iam_user.raj_user.name
       groups = [aws_iam_group.asale_group.name]
     }
    
     # Create IAM Policy
     resource "aws_iam_policy" "iam_policy" {
       name = "iam_policy"
    
       # Resource "*" allows ListBucket on every bucket in the account; in a real
       # deployment, narrow this to the specific bucket ARNs the group needs.
       policy = <<EOF
     {
       "Version": "2012-10-17",
       "Statement": [
         {
           "Effect": "Allow",
           "Action": [
             "s3:ListBucket"
           ],
           "Resource": [
             "*"
           ]
         }
       ]
     }
     EOF
     }
    
     # Attach IAM Policy to the Group
     resource "aws_iam_group_policy_attachment" "iam_policy_attachment" {
       group      = aws_iam_group.asale_group.name
       policy_arn = aws_iam_policy.iam_policy.arn
     }
    
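The post attaches an IAM role in Step 2 but never shows what it should permit. The following is an added example, not code from the original post, of a least-privilege instance role scoped to exactly the three resources iam_resources.tf creates. It assumes the role, policy and profile names (terraform-iam-runner, manage-iam-resources-tf) and the action list, and it must be applied from a workstation that already has IAM admin rights before the instance is launched.

```hcl
data "aws_caller_identity" "current" {}

locals { account = data.aws_caller_identity.current.account_id }

# Trust policy: only the EC2 service may assume this role (assumed names, not from the post).
resource "aws_iam_role" "terraform_runner" {
  name = "terraform-iam-runner"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect    = "Allow"
      Principal = { Service = "ec2.amazonaws.com" }
      Action    = "sts:AssumeRole"
    }]
  })
}

# Only the calls the provider needs to create, read and destroy raj_user,
# asale_group and iam_policy. The action list is an assumption: if plan or
# apply reports AccessDenied, add only the action the error names.
resource "aws_iam_role_policy" "terraform_runner" {
  name = "manage-iam-resources-tf"
  role = aws_iam_role.terraform_runner.name
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Effect = "Allow"
      Action = [
        "iam:CreateUser", "iam:GetUser", "iam:DeleteUser",
        "iam:ListGroupsForUser", "iam:AddUserToGroup", "iam:RemoveUserFromGroup",
        "iam:CreateGroup", "iam:GetGroup", "iam:DeleteGroup",
        "iam:ListAttachedGroupPolicies", "iam:AttachGroupPolicy", "iam:DetachGroupPolicy",
        "iam:CreatePolicy", "iam:GetPolicy", "iam:GetPolicyVersion",
        "iam:ListPolicyVersions", "iam:DeletePolicy"
      ]
      # Scoped to the three resource ARNs, not "iam:*" on "*".
      Resource = [
        "arn:aws:iam::${local.account}:user/raj_user",
        "arn:aws:iam::${local.account}:group/asale_group",
        "arn:aws:iam::${local.account}:policy/iam_policy"
      ]
    }]
  })
}

resource "aws_iam_instance_profile" "terraform_runner" {
  name = "terraform-iam-runner"
  role = aws_iam_role.terraform_runner.name
}
```

Select the resulting instance profile as the instance's IAM role in Step 2; because the role cannot touch any other IAM principal, a compromised instance cannot use it to escalate beyond these three resources.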

Step 5: Initialize and Apply the Configuration

  1. Run terraform init to initialize the working directory and download the AWS provider.

  2. Run terraform plan to preview the changes Terraform will make.

  3. Run terraform apply to create the IAM resources. Review the changes and confirm by typing "yes" when prompted.

Step 6: Verify the IAM Resources

Sign in to the AWS Management Console and navigate to the IAM service.

Validate that the IAM user, group, and policy are created as expected.

Step 7: Destroy the IAM Resources

When you no longer need the IAM resources, run terraform destroy to remove everything created by Terraform. Confirm the destruction by typing "yes" when prompted.

Conclusion:

In this blog, we learned how to manage IAM resources using Terraform. By defining IAM users, groups, and policies in Terraform configuration files, we can easily provision and manage these resources in a consistent and scalable manner. With Terraform, you can automate the process of setting up and managing IAM permissions for your AWS resources. Additionally, the ability to destroy resources ensures proper cleanup when they are no longer needed, reducing unnecessary costs and maintaining a clean environment.