Add IAM resources for GitHub Actions.

AlbertClo · Aug 7, 2024 · 68a9f1d · 68a9f1d
1 parent 80da2b6
commit 68a9f1d
Showing 1 changed file with 33 additions and 0 deletions.
diff --git a/infra/terraform/main.tf b/infra/terraform/main.tf
@@ -78,6 +78,20 @@ resource "aws_key_pair" "albert_ssh_key" {
     })
 }
 
+# Generates an IAM user and access key for GitHub Actions
+resource "aws_iam_user" "albertclo_github_actions_user" {
+    name = "albertclo-github-actions"
+
+    tags = merge(local.common_tags, {
+        Name = "albertclo-github-actions"
+    })
+}
+
+# Creates an access key for the GitHub Actions user
+resource "aws_iam_access_key" "albertclo_github_actions_access_key" {
+    user = aws_iam_user.albertclo_github_actions_user.name
+}
+
 # Creates a security group to control inbound and outbound traffic
 resource "aws_security_group" "albertclo_com_sec_group" {
     name        = "albertclo_com_sec_group"
@@ -376,8 +390,27 @@ output "instance_public_ip" {
     value       = aws_instance.albertclo_com.public_ip
 }
 
+# Outputs the AlbertClo EC2 instance ID
+output "instance_id" {
+    description = "ID of the EC2 instance"
+    value       = aws_instance.albertclo_com.id
+}
+
 # Outputs the public key for GitHub deployment
 output "github_public_key" {
     description = "GitHub deploy key"
     value       = tls_private_key.albertclo_github_deploy_key.public_key_openssh
 }
+
+# Outputs the access key for GitHub Actions
+output "github_actions_access_key" {
+    description = "Access key for GitHub Actions"
+    value       = aws_iam_access_key.albertclo_github_actions_access_key.id
+}
+
+# Outputs the secret key for GitHub Actions
+output "github_actions_secret_key" {
+    description = "Secret key for GitHub Actions"
+    value       = aws_iam_access_key.albertclo_github_actions_access_key.secret
+}
+