mirror of
https://github.com/opentofu/opentofu.git
synced 2024-12-30 10:47:14 -06:00
Quality of life: updated all AWS document links to https://
This commit is contained in:
parent
110d482033
commit
f238e9395a
@ -240,15 +240,15 @@ gain access to the (usually more privileged) administrative infrastructure.
|
|||||||
|
|
||||||
Your administrative AWS account will contain at least the following items:
|
Your administrative AWS account will contain at least the following items:
|
||||||
|
|
||||||
* One or more [IAM user](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html)
|
* One or more [IAM user](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html)
|
||||||
for system administrators that will log in to maintain infrastructure in
|
for system administrators that will log in to maintain infrastructure in
|
||||||
the other accounts.
|
the other accounts.
|
||||||
* Optionally, one or more [IAM groups](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups.html)
|
* Optionally, one or more [IAM groups](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups.html)
|
||||||
to differentiate between different groups of users that have different
|
to differentiate between different groups of users that have different
|
||||||
levels of access to the other AWS accounts.
|
levels of access to the other AWS accounts.
|
||||||
* An [S3 bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingBucket.html)
|
* An [S3 bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingBucket.html)
|
||||||
that will contain the Terraform state files for each workspace.
|
that will contain the Terraform state files for each workspace.
|
||||||
* A [DynamoDB table](http://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.CoreComponents.html#HowItWorks.CoreComponents.TablesItemsAttributes)
|
* A [DynamoDB table](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.CoreComponents.html#HowItWorks.CoreComponents.TablesItemsAttributes)
|
||||||
that will be used for locking to prevent concurrent operations on a single
|
that will be used for locking to prevent concurrent operations on a single
|
||||||
workspace.
|
workspace.
|
||||||
|
|
||||||
@ -266,7 +266,7 @@ administrative account described above.
|
|||||||
|
|
||||||
Your environment accounts will eventually contain your own product-specific
|
Your environment accounts will eventually contain your own product-specific
|
||||||
infrastructure. Along with this it must contain one or more
|
infrastructure. Along with this it must contain one or more
|
||||||
[IAM roles](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)
|
[IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)
|
||||||
that grant sufficient access for Terraform to perform the desired management
|
that grant sufficient access for Terraform to perform the desired management
|
||||||
tasks.
|
tasks.
|
||||||
|
|
||||||
@ -274,7 +274,7 @@ tasks.
|
|||||||
|
|
||||||
Each Administrator will run Terraform using credentials for their IAM user
|
Each Administrator will run Terraform using credentials for their IAM user
|
||||||
in the administrative account.
|
in the administrative account.
|
||||||
[IAM Role Delegation](http://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html)
|
[IAM Role Delegation](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html)
|
||||||
is used to grant these users access to the roles created in each environment
|
is used to grant these users access to the roles created in each environment
|
||||||
account.
|
account.
|
||||||
|
|
||||||
@ -369,7 +369,7 @@ tend to require.
|
|||||||
|
|
||||||
When running Terraform in an automation tool running on an Amazon EC2 instance,
|
When running Terraform in an automation tool running on an Amazon EC2 instance,
|
||||||
consider running this instance in the administrative account and using an
|
consider running this instance in the administrative account and using an
|
||||||
[instance profile](http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html)
|
[instance profile](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html)
|
||||||
in place of the various administrator IAM users suggested above. An IAM
|
in place of the various administrator IAM users suggested above. An IAM
|
||||||
instance profile can also be granted cross-account delegation access via
|
instance profile can also be granted cross-account delegation access via
|
||||||
an IAM policy, giving this instance the access it needs to run Terraform.
|
an IAM policy, giving this instance the access it needs to run Terraform.
|
||||||
|
Loading…
Reference in New Issue
Block a user