glue-iam-role
dod-iac/glue-iam-role/aws
IAM Role for use as a Glue service role
Usage

Creates an IAM Role for use as a Glue service role that can read from any bucket and use any KMS key.

```hcl
module "glue_iam_role" {
  source = "dod-iac/glue-iam-role/aws"

  name    = "glue-iam-role"
  buckets = ["*"] # any bucket
  keys    = ["*"] # any KMS key
  tags = {
    Automation = "Terraform"
  }
}
```

Creates an IAM Role for use as a Glue service role that can read from a specific bucket and use any KMS key.

```hcl
module "glue_iam_role" {
  source = "dod-iac/glue-iam-role/aws"

  name    = format("app-%s-glue-%s", var.application, var.environment)
  buckets = [aws_s3_bucket.main.arn] # one specific bucket
  keys    = ["*"]                    # any KMS key
  tags = {
    Application = var.application
    environment = var.environment
    Automation  = "Terraform"
  }
}
```

Terraform Version

Terraform 0.13. Pin module version to `~> 1.0.0`. Submit pull-requests to `master` branch.

Terraform 0.11 and 0.12 are not support

| Name | Type | Description | Default |
|---|---|---|---|
| name | string | The name of the AWS IAM role. | required |
| tags | map(string) | Tags applied to the AWS IAM role. | {} |
| policy_description | string | The description of the AWS IAM policy. Defaults to "The policy for [NAME]". | "" |
| policy_name | string | The name of the AWS IAM policy. Defaults to "[NAME]-policy". | "" |
| assume_role_policy | string | The assume role policy for the AWS IAM role. If blank, allows EC2 instances in | "" |
| buckets | list(string) | The ARNs of the AWS S3 buckets the role is allowed to read from. Use ["*"] to a | [] |
| description | string | The description of the AWS IAM role. | "" |
| keys | list(string) | The ARNs of the AWS KMS keys the role is allowed to use to decrypt files. Use [ | [] |

| Name | Description |
|---|---|
| arn | The Amazon Resource Name (ARN) of the AWS IAM Role. |
| name | The name of the AWS IAM Role. |
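
A variant of the usage above that keeps the `["*"]` wildcard out of both `buckets` and `keys` by validating the ARNs before they reach the module. This is an added example, not taken from the module's README; the variable names `glue_bucket_arns` and `glue_kms_key_arns` and the ARN patterns are assumptions, while the module inputs and version pin are the ones documented on this page.

```hcl
# Added example: wrapper variables that reject wildcard ARNs.
# Variable names and regex patterns are assumptions for illustration.
# Variable validation requires Terraform 0.13 or later.

variable "glue_bucket_arns" {
  type        = list(string)
  description = "ARNs of the S3 buckets the Glue role may read from."

  validation {
    # Fails if any entry is "*" or is not a bucket ARN free of wildcards.
    condition = length([
      for arn in var.glue_bucket_arns : arn
      if !can(regex("^arn:aws[a-z-]*:s3:::[^*?]+$", arn))
    ]) == 0
    error_message = "Each bucket must be a full S3 bucket ARN without wildcards."
  }
}

variable "glue_kms_key_arns" {
  type        = list(string)
  description = "ARNs of the KMS keys the Glue role may use to decrypt files."

  validation {
    # Fails if any entry is "*" or is not a key ARN free of wildcards.
    condition = length([
      for arn in var.glue_kms_key_arns : arn
      if !can(regex("^arn:aws[a-z-]*:kms:[a-z0-9-]+:[0-9]{12}:key/[^*?]+$", arn))
    ]) == 0
    error_message = "Each key must be a full KMS key ARN without wildcards."
  }
}

module "glue_iam_role" {
  source  = "dod-iac/glue-iam-role/aws"
  version = "~> 1.0.0"

  name    = "glue-iam-role"
  buckets = var.glue_bucket_arns
  keys    = var.glue_kms_key_arns

  tags = {
    Automation = "Terraform"
  }
}
```

With these variables in place, `terraform plan` stops with the validation message when a caller passes `["*"]` for either list.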