forked from gazoakley/terraform-aws-session-manager-settings
-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.tf
34 lines (32 loc) · 1.13 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
locals {
base_inputs = {
s3BucketName = var.s3_bucket_name
s3KeyPrefix = var.s3_key_prefix
s3EncryptionEnabled = var.s3_encryption_enabled
cloudWatchLogGroupName = var.cloudwatch_log_group_name
cloudWatchEncryptionEnabled = var.cloudwatch_encryption_enabled
cloudWatchStreamingEnabled = var.cloudwatch_streaming_enabled
idleSessionTimeout = var.idle_session_timeout
maxSessionDuration = var.max_session_duration
runAsEnabled = var.run_as_enabled
shellProfile = {
linux = var.linux_shell_profile
windows = var.windows_shell_profile
}
}
inputs = merge(
local.base_inputs,
var.kms_key_id != null ? { kmsKeyId = var.kms_key_id } : {},
)
}
resource "aws_ssm_document" "session_manager_prefs" {
name = "SSM-SessionManagerRunShell"
document_type = "Session"
document_format = "JSON"
content = jsonencode({
schemaVersion = "1.0"
description = "Document to hold regional settings for Session Manager"
sessionType = "Standard_Stream"
inputs = local.inputs
})
}