Create IAM policies using AWS Lambda

In this article let’s look into how we can create IAM policies using AWS Lambda and attach them to an existing IAM role during deployment using Terraform. Imagine a scenario where you are working in a multi-account AWS environment and the Lambda in the main account needs permissions on other accounts (for assuming […]

Don’t miss CloudWatch log group permissions

CloudWatch log group permissions are required in order for the log groups to receive events from a source such as a CloudWatch Events rule. These permissions are added automatically when you create log groups using the AWS Console. However, when we use Terraform to automate the process, these permissions should be added separately; otherwise your log […]

Multiple Terraform providers and dynamic lookup

Multiple Terraform providers are helpful when you are working with multiple AWS accounts or on a solution that spans multiple accounts. You need an efficient way of defining multiple Terraform providers so that you can look up each provider dynamically. The following example uses Terraform modules; refer to this article to understand how Terraform […]

IAM Permissions boundary – Best way to restrict permissions.

An IAM permissions boundary is an advanced feature for using a managed policy to set the maximum permissions that an identity-based policy can grant to an IAM entity. Read more about permissions boundaries on the AWS documentation page. Watch this AWS re:Invent video to get familiar with the IAM permissions boundary concept; start from 30 mins […]