community.aws icon indicating copy to clipboard operation
community.aws copied to clipboard

Published 20 hours ago verified publisher icon ansible-collections

Allow setting of IAM alias

Open gregharvey opened this issue 3 years ago • 2 comments

SUMMARY

It would be useful to be able to set the IAM alias for an account with Ansible.

ISSUE TYPE
  • Feature Idea
COMPONENT NAME

I'm currently using a simple module called iam_alias - seems like a reasonable name for the component!

ADDITIONAL INFORMATION

This feature request needs to do literally one thing: set the IAM alias. This is useful if you are wanting to either provide a custom login URL for an organisation or organisational unit or if you're using SSO. For SSO, the default AWS SSO login page for multiple accounts orders them by account number, which is hard to read and you need to know which account is which. If an alias is set then it groups accounts by IAM alias instead, which allows you to see IAM roles grouped by a human-readable alias, which is much more comfortable.

I am currently using this simple module I found on GitHub to achieve this:

https://github.com/shahbazn/ansible-aws-alias/blob/master/aws_alias_role/library/iam_alias.py

It doesn't currently support boto profiles, but if it did the yaml would look like this:

- name: Create IAM account alias for grouping
  iam_alias:
    aws_account_alias: "myAccountAlias"
    profile: "botoProfileName"
    region: "eu-west-1"

It should probably support all the usual standard AWS variables it doesn't currently support too.

gregharvey avatar Mar 25 '21 11:03 gregharvey

Files identified in the description: None

If these files are inaccurate, please update the component name section of the description or use the !component bot command.

click here for bot help

ansibullbot avatar Mar 25 '21 11:03 ansibullbot

Hi @gregharvey, thank you for this feature idea. Would you be willing to work with @shahbazn to raise a PR? Thanks.

alinabuzachis avatar Apr 16 '21 19:04 alinabuzachis