forked from cloudposse/terraform-aws-sso
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathREADME.yaml
114 lines (97 loc) · 4.99 KB
/
README.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
---
#
# This is the canonical configuration for the `README.md`
# Run `make readme` to rebuild the `README.md`
#
# Name of this project
name: terraform-aws-sso
# Logo for this project
#logo: docs/logo.png
# License of this project
license: "APACHE2"
# Copyrights
copyrights:
- name: "Cloud Posse, LLC"
url: "https://cloudposse.com"
year: "2020"
# Canonical GitHub repo
github_repo: cloudposse/terraform-aws-sso
# Badges to display
badges:
- name: "Latest Release"
image: "https://img.shields.io/github/release/cloudposse/terraform-aws-sso.svg"
url: "https://github.com/cloudposse/terraform-aws-sso/releases/latest"
- name: "Slack Community"
image: "https://slack.cloudposse.com/badge.svg"
url: "https://slack.cloudposse.com"
- name: "Discourse Forum"
image: "https://img.shields.io/discourse/https/ask.sweetops.com/posts.svg"
url: "https://ask.sweetops.com/"
# List any related terraform modules that this module may be used with or that this module depends on.
related:
- name: "terraform-null-label"
description:
"Terraform module designed to generate consistent names and tags for resources. Use terraform-null-label to
implement a strict naming convention."
url: "https://github.com/cloudposse/terraform-null-label"
# List any resources helpful for someone to get started. For example, link to the hashicorp documentation or AWS documentation.
references:
- name: "Terraform Standard Module Structure"
description:
"HashiCorp's standard module structure is a file and directory layout we recommend for reusable modules
distributed in separate repositories."
url: "https://www.terraform.io/docs/modules/index.html#standard-module-structure"
- name: "Terraform Module Requirements"
description:
"HashiCorp's guidance on all the requirements for publishing a module. Meeting the requirements for publishing a
module is extremely easy."
url: "https://www.terraform.io/docs/registry/modules/publish.html#requirements"
- name: "Terraform `random_integer` Resource"
description:
"The resource random_integer generates random values from a given range, described by the min and max attributes
of a given resource."
url: "https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer"
- name: "Terraform Version Pinning"
description:
"The required_version setting can be used to constrain which versions of the Terraform CLI can be used with your
configuration"
url: "https://www.terraform.io/docs/configuration/terraform.html#specifying-a-required-terraform-version"
# Short description of this project
description: |-
This module configures [AWS Single Sign-On (SSO)](https://aws.amazon.com/single-sign-on/). AWS SSO makes it easy to
centrally manage access to multiple AWS accounts and business applications and provide users with single sign-on
access to all their assigned accounts and applications from one place. With AWS SSO, you can easily manage access and
user permissions to all of your accounts in AWS Organizations centrally. AWS SSO configures and maintains all the
necessary permissions for your accounts automatically, without requiring any additional setup in the individual
accounts. You can assign user permissions based on common job functions and customize these permissions to meet your
specific security requirements. AWS SSO also includes built-in integrations to many business applications, such as
Salesforce, Box, and Microsoft 365.
With AWS SSO, you can create and manage user identities in AWS SSO’s identity store, or easily connect to your
existing identity source, including Microsoft Active Directory, Okta Universal Directory, and Azure Active Directory
(Azure AD). AWS SSO allows you to select user attributes, such as cost center, title, or locale, from your identity
source, and then use them for attribute-based access control in AWS.
# Introduction to the project
#introduction: |-
# This is an introduction.
# How to use this module. Should be an easy example to copy and paste.
usage: |-
This module contains two sub-modules that can be used in conjunction to provision AWS SSO Permission Sets and to
assign AWS SSO Users and Groups to Permissions Sets in accounts.
- [modules/account-assignments](/modules/account-assignments) - a module for assigning users and groups to permission
sets in particular accounts
- [modules/permission-sets](/modules/permission-sets) - a module for provisioning AWS SSO permission sets
# Example usage
examples: |-
Here is a full example of using these modules to provision permission sets and assign them to accounts:
- [`examples/complete`](/examples/complete) - complete example of using these modules
# How to get started quickly
#quickstart: |-
# Here's how to get started...
# Other files to include in this README from the project folder
include:
- "docs/targets.md"
- "docs/terraform.md"
# Contributors to this project
contributors:
- name: "Matt Calhoun"
github: "mcalhoun"