Git Product home page Git Product logo

tcbdesafioansible's Introduction

tcbdesafioansiblehero

How we use IaC to migrate on-premises users to the AWS cloud through Ansible..

Ansible role to create users, groups and policies

#Motivation

The bore of migrating tons of users on-premise to the cloud, particularly to AWS.

Who needs this? All companies and businesses need to migrate several users on-prem to AWS.

How: Instead of manually creating the users in AWS IAM, a quick way is to automate the task using Ansible.

#Requirements

*Ansible *AWS account *Linux

What it does:
- [X] Creates groups
- [X] Creates Users
- [X] Sets password to Users
- [X] Adds Users to Groups
- [X] Add Policies
- [X] Enable Multi-factor authentication (MFA)

aws-mfa-enforce.yaml

---
aws_mfaenforce: arn:aws:iam::<Account ID>:policy/EnforceMFAPolicy

aws-create-groups-users-csv.yaml

---
- name: Create AWS resources
  hosts: local
  connection: local
  gather_facts: False
  no_log: False
  vars_files: aws-mfa-enforce.yaml

  tasks:

# Create groups
    - name: Read new AWS groups from CSV file
      read_csv:
        path: groups-users-to-aws.csv
        key: grupo
      register: grupo

    - name: Creating new AWS groups from CSV file
      community.aws.iam_group:
        name: "{{ item.value.grupo }}"
        managed_policies:
          - "{{ item.value.politica }}"
          - "{{aws_mfaenforce}}"
        state: present
      loop: "{{ grupo.dict|dict2items }}"

# Create users
    - name: Read new AWS users from CSV file
      read_csv:
        path: groups-users-to-aws.csv
      register: users

    - name: Creating new AWS users
      iam:
        iam_type: user
        name: "{{ item.usuario }}"
        state: present
        groups: "{{ item.grupo }}"
        password: "{{ item.senha}}"
      loop: "{{ users.list }}"

groups-users-to-aws.csv

usuario,senha,grupo,politica
bootcamper.tcb,MeMuda123456!,CloudAdmin,arn:aws:iam::aws:policy/AdministratorAccess
Stefano.Edge,MeMuda123456!,DBA,arn:aws:iam::aws:policy/AmazonRDSFullAccess
Cosmo.Meyer,MeMuda123456!,Estagiarios,arn:aws:iam::aws:policy/ReadOnlyAccess
Olivia-Rose.Huang,MeMuda123456!,LinuxAdmin,arn:aws:iam::aws:policy/AmazonEC2FullAccess
Karolina.Cassidy,MeMuda123456!,RedesAdmin,arn:aws:iam::aws:policy/AmazonVPCFullAccess

aws-delete-users-csv.yaml

---
- name: Create AWS resources
  hosts: local
  connection: local
  gather_facts: False
  no_log: False
  vars_files: aws-mfa-enforce.yaml

  tasks:

# Create groups
    - name: Read new AWS groups from CSV file
      read_csv:
        path: groups-users-to-aws.csv
        key: grupo
      register: grupo

    - name: Creating new AWS groups from CSV file
      community.aws.iam_group:
        name: "{{ item.value.grupo }}"
        managed_policies:
          - "{{ item.value.politica }}"
          - "{{aws_mfaenforce}}"
        state: absent
      loop: "{{ grupo.dict|dict2items }}"

# Create users
    - name: Read new AWS users from CSV file
      read_csv:
        path: groups-users-to-aws.csv
      register: users

    - name: Creating new AWS users
      iam:
        iam_type: user
        name: "{{ item.usuario }}"
        state: absent
        groups: "{{ item.grupo }}"
        password: "{{ item.senha}}"
      loop: "{{ users.list }}"

*Live ✌️ *Love ❤️ *Learn 🙈 🙉 🙊

🚀🚀🚀 *ansible *aws *iam *pracima *thecloudbootcamp

tcbdesafioansible's People

Contributors

lucianod2 avatar

Stargazers

avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.