I need to execute a Terraform template to provision infrastructure for an AWS account which I can access by assuming a role.
The problem I have now is I do not have an I
You should be able to do it like this: In Terraform, configure the aws provider to use your local shared_credentials_file:

    provider "aws" {
      region                  = "us-east-1"
      # Credentials of the IAM user in the "source" account
      shared_credentials_file = "${pathexpand("~/.aws/credentials")}"
      profile                 = "default"

      # Role in the account you want to provision
      assume_role {
        role_arn = "arn:aws:iam::1234567890:role/OrganizationAccountAccessRole"
      }
    }

"profile" is a named profile in ~/.aws/credentials that has AWS Access keys. E.g.

    [default]
    region = us-east-1
    aws_access_key_id = AKIAJXXXXXXXXXXXX
    aws_secret_access_key = Aadxxxxxxxxxxxxxxxxxxxxxxxxxxxx

This is not an IAM user in the account you want to access. It's in the "source" account (you need keys at some point to access the AWS CLI).
"assume_role.role_arn" is the role in the account you want to assume. The IAM user in "profile" needs to be allowed to assume that role.
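
An added example, not part of the original answer: a simplified offline check of the two permissions the last paragraph refers to in the cross-account case, namely the role's trust policy naming the source account or user, and the user's own policy allowing sts:AssumeRole on the role. The account IDs, user name and both policy documents are constructed placeholders, and Condition blocks are not evaluated.

```python
import fnmatch

# Constructed sample data: account IDs, user name and policies are placeholders.
SOURCE_USER = "arn:aws:iam::111111111111:user/terraform"
TARGET_ROLE = "arn:aws:iam::222222222222:role/OrganizationAccountAccessRole"
# Trust policy attached to the role in the target account.
TRUST_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": "arn:aws:iam::111111111111:root"}}]}
# Identity policy attached to the IAM user in the source account.
IDENTITY_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole", "Resource": TARGET_ROLE}]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _statements(policy, effect):
    return [s for s in _as_list(policy["Statement"]) if s["Effect"] == effect]

def _action_matches(stmt):
    # IAM action names are case-insensitive and may use * and ? wildcards.
    return any(fnmatch.fnmatchcase("sts:assumerole", a.lower())
               for a in _as_list(stmt["Action"]))

def trust_allows(trust_policy, caller_arn):
    """True if the role's trust policy names the caller or the caller's account."""
    account = caller_arn.split(":")[4]
    accepted = {"*", caller_arn, account, f"arn:aws:iam::{account}:root"}
    for stmt in _statements(trust_policy, "Allow"):
        p = stmt.get("Principal", {})
        principals = _as_list(p if isinstance(p, str) else p.get("AWS", []))
        if _action_matches(stmt) and accepted & set(principals):
            return True
    return False

def identity_allows(identity_policy, role_arn):
    """True if an Allow covers sts:AssumeRole on role_arn and no Deny does."""
    def hits(effect):
        return any(_action_matches(s) and
                   any(fnmatch.fnmatchcase(role_arn, r) for r in _as_list(s["Resource"]))
                   for s in _statements(identity_policy, effect))
    return hits("Allow") and not hits("Deny")

def can_assume(caller_arn, identity_policy, trust_policy, role_arn):
    """Cross-account case: both the trust policy and the identity policy must allow."""
    return (trust_allows(trust_policy, caller_arn)
            and identity_allows(identity_policy, role_arn))

if __name__ == "__main__":
    print(can_assume(SOURCE_USER, IDENTITY_POLICY, TRUST_POLICY, TARGET_ROLE))
```

If the check fails on the trust side, the fix belongs on the role in the target account; if it fails on the identity side, it belongs on the IAM user behind the profile.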