What We Learn

  1. Reading YAML files - file() + yamldecode()
  2. Nested for loops - build a list of lists (one inner list per user)
  3. flatten() - convert the nested structure to a flat list of user/policy pairs
  4. toset() - create a unique set of usernames from the list
  5. for_each with set - create one IAM user per username
  6. for_each with map - attach multiple policies (one attachment per user/policy pair)
  7. lifecycle - ignore certain changes
  8. Working with nested data - extract every username + policy combination from the roles lists

Goal

users.yaml → 3 users with different managed policies (the YAML key is named roles, but the values are AWS managed policy names such as AmazonEC2FullAccess, not IAM roles)

raju    → AmazonEC2FullAccess
sham    → AmazonS3ReadOnlyAccess
baburao → AmazonS3ReadOnlyAccess + AmazonEC2FullAccess

Tasks:
1. Create 3 IAM users
2. Generate a console password for each user
3. Attach the correct policy/policies to each user

Caveat: a password generated by Terraform is written to the state file. Encrypt it with a pgp_key on the login profile and treat the state file itself as a secret.

File Structure

iam-management/
├── main.tf
└── users.yaml

Step 1: YAML File

users.yaml:

users:
  - username: raju
    roles:
      - AmazonEC2FullAccess
  - username: sham
    roles:
      - AmazonS3ReadOnlyAccess
  - username: baburao
    roles:
      - AmazonS3ReadOnlyAccess
      - AmazonEC2FullAccess
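Before handing this file to Terraform it is worth seeing, and checking, what the nested for loops + flatten() + toset() steps will produce from it. The following Python is an added example, not part of the original notes: it starts from the structure that yamldecode(file("users.yaml")) returns for the file above (embedded inline as a dict literal so it runs without a YAML library), mirrors the HCL expressions in plain Python, and adds a pre-apply check that every username is a valid IAM name, no username is duplicated, and every policy is on an allowlist. ALLOWED_POLICIES, flatten_user_policies, unique_usernames, attachment_keys and validate are names chosen for this example.

```python
"""Flatten and validate the users.yaml structure before `terraform apply`."""
import re

# Constructed input: what yamldecode(file("users.yaml")) returns for the
# users.yaml shown above (a map with one key, "users", holding a list of maps).
USERS_YAML = {
    "users": [
        {"username": "raju", "roles": ["AmazonEC2FullAccess"]},
        {"username": "sham", "roles": ["AmazonS3ReadOnlyAccess"]},
        {"username": "baburao", "roles": ["AmazonS3ReadOnlyAccess", "AmazonEC2FullAccess"]},
    ]
}

# Hypothetical allowlist for this example: the only managed policies this file
# may attach. Anything else (e.g. AdministratorAccess) fails validation.
ALLOWED_POLICIES = {"AmazonEC2FullAccess", "AmazonS3ReadOnlyAccess"}

# IAM user names: 1-64 characters from this ASCII set.
IAM_USERNAME = re.compile(r"^[A-Za-z0-9+=,.@_-]{1,64}$")


def flatten_user_policies(data):
    """Mirror of the HCL expression
         flatten([for u in local.users : [for p in u.roles : {user = u.username, policy = p}]])
    The inner comprehension is the nested for loop (one list per user);
    the outer comprehension is flatten(). Returns (username, policy) pairs."""
    nested = [[(u["username"], p) for p in u.get("roles", [])] for u in data["users"]]
    return [pair for group in nested for pair in group]


def unique_usernames(data):
    """Mirror of toset([for u in local.users : u.username]); feeds for_each for the users."""
    return {u["username"] for u in data["users"]}


def attachment_keys(pairs):
    """for_each on the policy attachment needs a map with unique string keys.
    "user-policy" is unique even when one user has several policies."""
    return {f"{user}-{policy}": {"user": user, "policy": policy} for user, policy in pairs}


def validate(data):
    """Return a list of problems; an empty list means the file is safe to apply."""
    problems = []
    names = [u["username"] for u in data["users"]]
    for name in names:
        if not IAM_USERNAME.match(name):
            problems.append(f"invalid IAM user name: {name!r}")
    for name in sorted({n for n in names if names.count(n) > 1}):
        problems.append(f"duplicate username: {name}")
    for user, policy in flatten_user_policies(data):
        if policy not in ALLOWED_POLICIES:
            problems.append(f"{user}: policy {policy!r} not in allowlist")
    return problems


if __name__ == "__main__":
    for key, attachment in attachment_keys(flatten_user_policies(USERS_YAML)).items():
        print(key, "->", attachment)
    print("users:", sorted(unique_usernames(USERS_YAML)))
    print("problems:", validate(USERS_YAML) or "none")
```

Run it as a pre-apply step: a non-empty problems list means the YAML would either fail at apply time (bad name, duplicate for_each key) or grant a policy nobody approved.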

Structure: