terraform-aws-iam-role for project
This is a list of plugins that need to be installed previously to enjoy all the goodies of this configuration:
module "main" {
source = "hadenlabs/terraform-aws-iam-role/aws"
version = "0.1.0"
}Full working examples can be found in examples folder.
module "main" {
source = "hadenlabs/terraform-aws-iam-role/aws"
version = "0.1.0"
}| Name | Version |
|---|---|
| terraform | >= 0.12.20, < 2.0 |
| aws | >= 2.51, < 4.0 |
| null | >=0.1.0 |
| Name | Version |
|---|---|
| aws | >= 2.51, < 4.0 |
| Name | Source | Version |
|---|---|---|
| tags | hadenlabs/tags/null | >=0.2 |
| Name | Type |
|---|---|
| aws_iam_instance_profile.this | resource |
| aws_iam_policy.this | resource |
| aws_iam_role.this | resource |
| aws_iam_role_policy_attachment.this | resource |
| aws_iam_policy_document.assume_role | data source |
| aws_iam_policy_document.assume_role_aggregated | data source |
| aws_iam_policy_document.this | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| assume_role_actions | The IAM action to be granted by the AssumeRole policy | list(string) |
[ |
no |
| enabled | Set to false to prevent the module from creating any resources | bool |
true |
no |
| instance_profile_enabled | Create EC2 Instance Profile for the role | bool |
false |
no |
| max_session_duration | The maximum session duration (in seconds) for the role. Can have a value from 1 hour to 12 hours | number |
3600 |
no |
| name | Bucket name. If provided, the bucket will be created with this name instead of generating the name from the context | string |
n/a | yes |
| namespace | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | string |
null |
no |
| permissions_boundary | ARN of the policy that is used to set the permissions boundary for the role | string |
"" |
no |
| policy_description | The description of the IAM policy that is visible in the IAM policy manager | string |
"" |
no |
| policy_documents | List of JSON IAM policy documents | list(string) |
[] |
no |
| principals | Map of service name as key and a list of ARNs to allow assuming the role as value (e.g. map(AWS, list(arn:aws:iam:::role/admin))) |
map(list(string)) |
n/a | yes |
| role_description | The description of the IAM role that is visible in the IAM role manager | string |
n/a | yes |
| stage | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | string |
null |
no |
| tags | Additional tags (e.g. map('BusinessUnit','XYZ') |
map(string) |
{} |
no |
| use_fullname | If set to 'true' then the full ID for the IAM role name (e.g. [var.namespace]-[var.stage]-[var.name]) will be used. |
bool |
false |
no |
| Name | Description |
|---|---|
| arn | The Amazon Resource Name (ARN) specifying the role |
| enabled | Enabled property of module |
| id | The stable and unique string identifying the role |
| instance_profile | Name of the ec2 profile (if enabled) |
| name | The name of the IAM role created |
| policy | Role policy document in json format. Outputs always, independent of enabled variable |
| use_fullname | return if enabled use fullname |
Got a question?
File a GitHub issue.
See Contributing.
This Module follows the principles of Semantic Versioning (SemVer).
Using the given version number of MAJOR.MINOR.PATCH, we apply the following constructs:
- Use the
MAJORversion for incompatible changes. - Use the
MINORversion when adding functionality in a backwards compatible manner. - Use the
PATCHversion when introducing backwards compatible bug fixes.
- In the context of initial development, backwards compatibility in versions
0.0.zis not guaranteed whenzis increased. (Initial development) - In the context of pre-release, backwards compatibility in versions
0.y.zis not guaranteed whenyis increased. (Pre-release)
Copyright Β© 2018-2022 Hadenlabs
All other trademarks referenced herein are the property of their respective owners.
The code and styles are licensed under the LGPL-3.0 license See project license..
