Skip to content

infrahouse/aws-control

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

154 Commits
.claude
.claude
 
 
.github/workflows
.github/workflows
 
 
hooks
hooks
 
 
modules
modules
 
 
.gitignore
.gitignore
 
 
.readthedocs.yaml
.readthedocs.yaml
 
 
.terraform-version
.terraform-version
 
 
.terraform.lock.hcl
.terraform.lock.hcl
 
 
.yamllint
.yamllint
 
 
CLAUDE.md
CLAUDE.md
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
aws_iam_ic_groups.tf
aws_iam_ic_groups.tf
 
 
aws_iam_ic_users.tf
aws_iam_ic_users.tf
 
 
aws_iam_openid_connect_provider.tf
aws_iam_openid_connect_provider.tf
 
 
aws_iam_role.ih_tf_aws_control_289256138624.tf
aws_iam_role.ih_tf_aws_control_289256138624.tf
 
 
aws_iam_role.ih_tf_aws_control_303467602807.tf
aws_iam_role.ih_tf_aws_control_303467602807.tf
 
 
aws_iam_role.ih_tf_aws_control_338531211565.tf
aws_iam_role.ih_tf_aws_control_338531211565.tf
 
 
aws_iam_role.ih_tf_aws_control_493370826424.tf
aws_iam_role.ih_tf_aws_control_493370826424.tf
 
 
aws_iam_role.ih_tf_aws_control_990466748045.tf
aws_iam_role.ih_tf_aws_control_990466748045.tf
 
 
aws_iam_role.ih_tf_github_control.tf
aws_iam_role.ih_tf_github_control.tf
 
 
aws_iam_role.ih_tf_infrahouse_website_infra.tf
aws_iam_role.ih_tf_infrahouse_website_infra.tf
 
 
backups.tf
backups.tf
 
 
backups_synology.tf
backups_synology.tf
 
 
cost.tf
cost.tf
 
 
data_sources.tf
data_sources.tf
 
 
locals.tf
locals.tf
 
 
outputs.tf
outputs.tf
 
 
providers.tf
providers.tf
 
 
renovate.json
renovate.json
 
 
requirements-ci.txt
requirements-ci.txt
 
 
requirements.txt
requirements.txt
 
 
terraform.tf
terraform.tf
 
 

Repository files navigation

aws-control

Terraform configuration managing core AWS infrastructure in the InfraHouse control account (990466748045).

What it manages

  • IAM users, roles, groups, and policies
  • AWS SSO (Identity Center) configuration
  • Backup infrastructure (Synology Glacier vault, S3 backup buckets)
  • Cost alerts
  • GitHub Actions OIDC integration for CI/CD

Local Development

Prerequisites

  • Terraform (version in .terraform-version)
  • AWS SSO access to the control account with AWSAdministratorAccess

Authenticate via SSO

aws sso login --profile infrahouse-root-AWSAdministratorAccess

Export credentials

Use ih-aws to export SSO credentials into your shell:

eval $(ih-aws --aws-profile infrahouse-root-AWSAdministratorAccess credentials -e)

Run plan

make plan

This runs terraform init followed by terraform plan.

Apply

make apply

Applies the saved plan from tf.plan.

CI/CD

  • PR: Lint, validate, plan, publish plan comment (terraform-CI.yml)
  • Merge: Download saved plan, apply (terraform-CD.yml)
  • Authentication uses OIDC (GitHub -> AWS IAM role ih-tf-aws-control-github)

About

InfraHouse Main AWS Account 990466748045.

Topics

aws terraform infrahouse

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 5

Languages