IdeaArmour > Redis Cloud > Marketplace integrations > AWS cloud accounts > Create IAM resources > Terraform
Create IAM resources using Terraform
Self-managed AWS accounts are deprecated, so this article has been archived.
You can use HashiCorp Terraform to create identity and access management (IAM) resources to support AWS cloud account access to Redis Cloud subscriptions.
The following example uses the terraform-aws-Redislabs-Cloud-Account-IAM-Resources module, located in Amazon S3:
Create a
main.tfas shown below (update theprofile,region, andpgp_keyvalues as appropriate).Note that a
pgp_keyis required. For details, see the Terraform docs.View terraformIAMTemplate.json<div class="highlight"><pre tabindex="0" style="color:#272822;background-color:#fafafa;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-js" data-lang="js"><span style="display:flex;"><span><span style="color:#75af00">provider</span> <span style="color:#d88200">"aws"</span> <span style="color:#111">{</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">profile</span> <span style="color:#f92672">=</span> <span style="color:#d88200">"tobyhf-admin"</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">region</span> <span style="color:#f92672">=</span> <span style="color:#d88200">"us-east-1"</span> </span></span><span style="display:flex;"><span><span style="color:#111">}</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75af00">module</span> <span style="color:#d88200">"Redislabs-Cloud-Account-Resources"</span> <span style="color:#111">{</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">source</span> <span style="color:#f92672">=</span> <span style="color:#d88200">"https://iam-resource-automation-do-not-delete.s3.amazonaws.com/terraform-aws-Redislabs-Cloud-Account-IAM-Resources.zip"</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">pgp_key</span> <span style="color:#f92672">=</span> <span style="color:#d88200">"keybase:toby_h_ferguson"</span> </span></span><span style="display:flex;"><span><span style="color:#111">}</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75af00">output</span> <span style="color:#d88200">"accessKeyId"</span> <span style="color:#111">{</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">value</span> <span style="color:#f92672">=</span> <span style="color:#75af00">module</span><span style="color:#111">.</span><span style="color:#75af00">Redislabs</span><span style="color:#f92672">-</span><span style="color:#75af00">Cloud</span><span style="color:#f92672">-</span><span style="color:#75af00">Account</span><span style="color:#f92672">-</span><span style="color:#75af00">Resources</span><span style="color:#111">.</span><span style="color:#75af00">accessKeyId</span> </span></span><span style="display:flex;"><span><span style="color:#111">}</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75af00">output</span> <span style="color:#d88200">"accessSecretKey"</span> <span style="color:#111">{</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">value</span> <span style="color:#f92672">=</span> <span style="color:#75af00">module</span><span style="color:#111">.</span><span style="color:#75af00">Redislabs</span><span style="color:#f92672">-</span><span style="color:#75af00">Cloud</span><span style="color:#f92672">-</span><span style="color:#75af00">Account</span><span style="color:#f92672">-</span><span style="color:#75af00">Resources</span><span style="color:#111">.</span><span style="color:#75af00">accessSecretKey</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">sensitive</span> <span style="color:#f92672">=</span> <span style="color:#00a8c8">true</span> </span></span><span style="display:flex;"><span><span style="color:#111">}</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75af00">output</span> <span style="color:#d88200">"IAMRoleName"</span> <span style="color:#111">{</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">value</span> <span style="color:#f92672">=</span> <span style="color:#75af00">module</span><span style="color:#111">.</span><span style="color:#75af00">Redislabs</span><span style="color:#f92672">-</span><span style="color:#75af00">Cloud</span><span style="color:#f92672">-</span><span style="color:#75af00">Account</span><span style="color:#f92672">-</span><span style="color:#75af00">Resources</span><span style="color:#111">.</span><span style="color:#75af00">IAMRoleName</span> </span></span><span style="display:flex;"><span><span style="color:#111">}</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75af00">output</span> <span style="color:#d88200">"consoleUsername"</span> <span style="color:#111">{</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">value</span> <span style="color:#f92672">=</span> <span style="color:#75af00">module</span><span style="color:#111">.</span><span style="color:#75af00">Redislabs</span><span style="color:#f92672">-</span><span style="color:#75af00">Cloud</span><span style="color:#f92672">-</span><span style="color:#75af00">Account</span><span style="color:#f92672">-</span><span style="color:#75af00">Resources</span><span style="color:#111">.</span><span style="color:#75af00">consoleUsername</span> </span></span><span style="display:flex;"><span><span style="color:#111">}</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75af00">output</span> <span style="color:#d88200">"signInLoginUrl"</span> <span style="color:#111">{</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">description</span> <span style="color:#f92672">=</span> <span style="color:#d88200">"Redis User's console login URL"</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">value</span> <span style="color:#f92672">=</span> <span style="color:#75af00">module</span><span style="color:#111">.</span><span style="color:#75af00">Redislabs</span><span style="color:#f92672">-</span><span style="color:#75af00">Cloud</span><span style="color:#f92672">-</span><span style="color:#75af00">Account</span><span style="color:#f92672">-</span><span style="color:#75af00">Resources</span><span style="color:#111">.</span><span style="color:#75af00">signInLoginUrl</span> </span></span><span style="display:flex;"><span><span style="color:#111">}</span> </span></span><span style="display:flex;"><span> </span></span><span style="display:flex;"><span><span style="color:#75af00">output</span> <span style="color:#d88200">"consolePassword"</span> <span style="color:#111">{</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">value</span> <span style="color:#f92672">=</span> <span style="color:#75af00">module</span><span style="color:#111">.</span><span style="color:#75af00">Redislabs</span><span style="color:#f92672">-</span><span style="color:#75af00">Cloud</span><span style="color:#f92672">-</span><span style="color:#75af00">Account</span><span style="color:#f92672">-</span><span style="color:#75af00">Resources</span><span style="color:#111">.</span><span style="color:#75af00">consolePassword</span> </span></span><span style="display:flex;"><span> <span style="color:#75af00">sensitive</span> <span style="color:#f92672">=</span> <span style="color:#00a8c8">true</span> </span></span><span style="display:flex;"><span><span style="color:#111">}</span> </span></span></code></pre></div>Initialize Terraform with the module:
Note: Terraform requires AWS credentials be supplied, but the source of the module is a public S3 bucket, so any valid credentials should work. Replace the
XXXXfields below with your relevant valuesAWS_ACCESS_KEY_ID=XXXX AWS_SECRET_KEY=XXXX terraform initBuild the resources:
terraform applyThis displays the required values. To access the sensitive data:
accessSecretKey:
echo $(terraform output -raw accessSecretKey)consolePassword:
echo $(terraform output -raw consolePassword | base64 --decode | keybase pgp decrypt)