-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathvariables.tf
102 lines (86 loc) · 2.75 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
variable "namespace" {
type = string
default = ""
description = "Namespace, which could be your organization name or abbreviation, e.g. 'goci' or 'cp'"
}
variable "environment" {
type = string
default = ""
description = "Environment, e.g. 'prod', 'staging', 'dev', 'pre-prod', 'UAT'"
}
variable "stage" {
type = string
default = ""
description = "Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release'"
}
variable "name" {
type = string
default = ""
description = "Solution name, e.g. 'app' or 'jenkins'"
}
variable "enabled" {
type = bool
default = true
description = "Set to false to prevent the module from creating any resources"
}
variable "delimiter" {
type = string
default = "-"
description = "Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`"
}
variable "attributes" {
type = list(string)
default = []
description = "Additional attributes (e.g. `1`)"
}
variable "tags" {
type = map(string)
default = {}
description = "Additional tags (e.g. `map('BusinessUnit','XYZ')`"
}
variable "with_external_id" {
type = bool
default = true
description = "Creates a random UUID as external ID and attaches an additional condition to the TrustRelation policy"
}
variable "external_id_keeper" {
type = string
default = "initial"
description = "Changes to this value lead to a new external id (pipeline must run)."
}
variable "trusted_iam_arns" {
type = list(string)
default = []
description = "IAM ARNs to allow sts:AssumeRole on the created role. For eample an IAM or Account ARN"
}
variable "trusted_services" {
type = list(string)
default = []
description = "Additional trusted AWS services like ec2.amazonaws.com to be allowed to assume the role"
}
variable "policy_attachments" {
type = list(string)
default = []
description = "Additional existing policy ARNs to attach to the role"
}
variable "policy_statements" {
# list of actions, resources and optionally effect
type = any
default = []
description = "Policy attachments in Terraform style (effect, actions, resources, conditions)"
}
variable "policy_json" {
type = string
default = ""
description = "Full JSON Representation of Policy Document. Use data.aws_iam_policy_document.my_policy.json for example"
}
variable "force_detach_policies" {
type = bool
default = false
description = "Specifies to force detaching any policies the role has before destroying it"
}
variable "role_name_override" {
type = string
default = ""
description = "Full Override for the IAM Role Name"
}