diff --git a/cmd/install/crossplane.go b/cmd/install/crossplane.go
index 3027be7..22ed8f9 100644
--- a/cmd/install/crossplane.go
+++ b/cmd/install/crossplane.go
@@ -4,6 +4,7 @@ import (
 	"github.com/awslabs/eksdemo/pkg/application"
 	"github.com/awslabs/eksdemo/pkg/application/crossplane/core"
 	"github.com/awslabs/eksdemo/pkg/application/crossplane/ec2"
+	"github.com/awslabs/eksdemo/pkg/application/crossplane/iam"
 	"github.com/awslabs/eksdemo/pkg/application/crossplane/s3"
 	"github.com/spf13/cobra"
 )
@@ -48,6 +49,7 @@ func init() {
 	crossplane = []func() *application.Application{
 		core.NewApp,
 		ec2.NewApp,
+		iam.NewApp,
 		s3.NewApp,
 	}
 }
diff --git a/pkg/application/crossplane/iam/iam.go b/pkg/application/crossplane/iam/iam.go
new file mode 100644
index 0000000..5ce2489
--- /dev/null
+++ b/pkg/application/crossplane/iam/iam.go
@@ -0,0 +1,58 @@
+package iam
+
+import (
+	"github.com/awslabs/eksdemo/pkg/application"
+	"github.com/awslabs/eksdemo/pkg/application/crossplane"
+	"github.com/awslabs/eksdemo/pkg/cmd"
+	"github.com/awslabs/eksdemo/pkg/installer"
+	"github.com/awslabs/eksdemo/pkg/resource"
+	"github.com/awslabs/eksdemo/pkg/template"
+)
+
+func NewApp() *application.Application {
+	options := crossplane.NewProviderOptions("iam")
+
+	return &application.Application{
+		Command: cmd.Command{
+			Parent:      "crossplane",
+			Name:        "iam-provider",
+			Description: "Crossplane IAM Provider",
+			Aliases:     []string{"iam"},
+		},
+
+		Dependencies: []*resource.Resource{
+			crossplane.CheckCore(),
+			crossplane.Irsa(options, []string{"IAMFullAccess"}),
+		},
+
+		Installer: &installer.ManifestInstaller{
+			AppName: "crossplane-iam-provider",
+			ResourceTemplate: &template.TextTemplate{
+				Template: yamlTemplate,
+			},
+		},
+
+		Options: options,
+	}
+}
+
+const yamlTemplate = `---
+apiVersion: pkg.crossplane.io/v1beta1
+kind: DeploymentRuntimeConfig
+metadata:
+  name: aws-iam
+spec:
+  serviceAccountTemplate:
+    metadata:
+      annotations:
+        {{ .IrsaAnnotation }}         
+---
+apiVersion: pkg.crossplane.io/v1
+kind: Provider
+metadata:
+  name: provider-aws-iam
+spec:
+  package: xpkg.upbound.io/upbound/provider-aws-iam:{{ .Version }}
+  runtimeConfigRef:
+    name: aws-iam
+`