From 150744cae35500d496ca60270d6f82012102099f Mon Sep 17 00:00:00 2001 From: galco5 Date: Wed, 30 Nov 2022 14:55:34 +0200 Subject: [PATCH 1/3] add terraform aws provider configurations and terraform required providers --- main.tf | 374 ++++++++++++++++--- modules/eventbridge_permissions/terraform.tf | 8 + modules/s3_iac_events/terraform.tf | 8 + variables.tf | 25 -- variables_aws_provider_auth.tf | 60 +++ 5 files changed, 399 insertions(+), 76 deletions(-) create mode 100644 modules/eventbridge_permissions/terraform.tf create mode 100644 modules/s3_iac_events/terraform.tf create mode 100644 variables_aws_provider_auth.tf diff --git a/main.tf b/main.tf index 40a4b8b..a035cec 100644 --- a/main.tf +++ b/main.tf 
@@ -1,137 +1,409 @@ provider "aws" { alias = "ap_northeast_1" region = "ap-northeast-1" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "ap_northeast_2" region = "ap-northeast-2" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "ap_northeast_3" region = "ap-northeast-3" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? 
toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "ap_south_1" region = "ap-south-1" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "ap_southeast_1" region = "ap-southeast-1" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? 
toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "ap_southeast_2" region = "ap-southeast-2" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "ca_central_1" region = "ca-central-1" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? 
toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "eu_central_1" region = "eu-central-1" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "eu_north_1" region = "eu-north-1" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? 
toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "eu_west_1" region = "eu-west-1" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "eu_west_2" region = "eu-west-2" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? 
toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "eu_west_3" region = "eu-west-3" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "sa_east_1" region = "sa-east-1" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? 
toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "us_east_1" region = "us-east-1" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "us_east_2" region = "us-east-2" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? 
toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "us_west_1" region = "us-west-1" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } provider "aws" { alias = "us_west_2" region = "us-west-2" - profile = var.profile - access_key = var.access_key - secret_key = var.secret_key + profile = var.aws_profile + access_key = var.aws_access_key + secret_key = var.aws_secret_key + dynamic assume_role { + for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_role_arn + session_name = var.aws_session_name + external_id = var.aws_external_id + } + } + dynamic assume_role_with_web_identity { + for_each = var.aws_assume_web_identity_role_arn == "" ? toset([0]) : toset([1]) + content { + role_arn = var.aws_assume_web_identity_role_arn + web_identity_token = var.aws_assume_web_identity_role_token + web_identity_token_file = var.aws_assume_web_identity_role_token_file + } + } } module "firefly_aws_integration" { diff --git a/modules/eventbridge_permissions/terraform.tf b/modules/eventbridge_permissions/terraform.tf new file mode 100644 index 0000000..f412185 
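Review bot: The `for_each` on both dynamic blocks yields a one-element set on either branch (`toset([0])` and `toset([1])`), so `assume_role` and `assume_role_with_web_identity` are rendered in every provider block even when the ARN variables are empty. The empty case should produce no block, e.g. `for_each = var.aws_assume_role_arn == "" ? [] : [1]`, and likewise for `var.aws_assume_web_identity_role_arn`. As written, each regional provider gets two role-assumption blocks with an empty `role_arn` by default, so which credentials end up in use depends on how the provider version treats empty values rather than on what the operator set. The same expression is repeated in every provider block of this hunk and remains as context in the main.tf hunks of patch 3/3.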
--- /dev/null +++ b/modules/eventbridge_permissions/terraform.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "3.74.0" + } + } +} \ No newline at end of file diff --git a/modules/s3_iac_events/terraform.tf b/modules/s3_iac_events/terraform.tf new file mode 100644 index 0000000..f412185 --- /dev/null +++ b/modules/s3_iac_events/terraform.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "3.74.0" + } + } +} \ No newline at end of file diff --git a/variables.tf b/variables.tf index 12be00c..190554f 100644 --- a/variables.tf +++ b/variables.tf @@ -75,31 +75,6 @@ variable "target_event_bus_arn" { default = "arn:aws:events:us-east-1:094724549126:event-bus/prod-stablefly-event-bus" } -variable "profile" { - default = "" - type = string -} - -variable "external_id" { - default = "" - type = string -} - -variable "access_key" { - default = "" - type = string -} - -variable "secret_key" { - default = "" - type = string -} - -variable "session_name" { - default = "firefly" - type = string -} - variable "buckets_by_region" { type = map(list(string)) description = "" diff --git a/variables_aws_provider_auth.tf b/variables_aws_provider_auth.tf new file mode 100644 index 0000000..d8b5c5f --- /dev/null +++ b/variables_aws_provider_auth.tf 
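Review bot: `version = "3.74.0"` is an exact pin inside a child module, and the same pin is added in modules/s3_iac_events/terraform.tf. A configuration resolves a single version per provider, so these two pins also fix the version used by the root module. The root provider blocks in this patch use `assume_role_with_web_identity`, so it is worth confirming that the 3.74.0 provider schema accepts that block; the diff alone does not show it. For reusable modules a minimum constraint such as `version = ">= 3.74.0"` is the usual form, with the exact version recorded by the root module or the dependency lock file, which also leaves room to pick up provider fixes.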
@@ -0,0 +1,60 @@ + +variable "aws_profile" { + description = "The aws profile to create aws provider with" + default = "" + type = string +} + +variable "aws_external_id" { + description = "The aws external id to create aws provider with" + default = "" + type = string +} + +variable "aws_access_key" { + description = "The aws access key to create aws provider with" + default = "" + type = string +} + +variable "aws_secret_key" { + description = "The aws secret key to create aws provider with" + default = "" + type = string +} + +variable "aws_session_name" { + description = "The aws session name to create aws provider with" + default = "" + type = string +} + +variable "aws_assume_role_arn" { + description = "The aws assume role arn to create aws provider with" + default = "" + type = string +} + +variable "aws_assume_role_external_id" { + description = "The aws assume role external id to create aws provider with" + default = "" + type = string +} + +variable "aws_assume_web_identity_role_arn" { + description = "The aws assume role arn to create aws provider with" + default = "" + type = string +} + +variable "aws_assume_web_identity_role_token" { + description = "The aws assume role external id to create aws provider with" + default = "" + type = string +} + +variable "aws_assume_web_identity_role_token_file" { + description = "The aws assume role external id to create aws provider with" + default = "" + type = string +} \ No newline at end of file From 9165f70a39d3b350eaca1212d50b2b91093576fe Mon Sep 17 00:00:00 2001 From: galco5 Date: Wed, 30 Nov 2022 15:02:29 +0200 Subject: [PATCH 2/3] update readme and variables --- README.md | 17 ++++++++++++++--- variables_aws_provider_auth.tf | 7 +++---- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 8ce1b5c..4f1e808 100644 --- a/README.md +++ b/README.md 
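Review bot: `aws_secret_key` and `aws_assume_web_identity_role_token` carry credentials but are declared as plain strings, so their values can appear in plan and apply output. Adding `sensitive = true` to both (and arguably to `aws_access_key`) redacts them there, assuming the Terraform version in use supports the argument; the state file still stores them in clear text and needs its own protection. Separately, `aws_assume_role_external_id` is declared here while the provider blocks in main.tf read `var.aws_external_id`, so a value set on the more specifically named variable is ignored and the role would be assumed without the external ID the operator intended. Keeping only one of the two variables and wiring it into `assume_role` removes that trap.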
@@ -88,10 +88,21 @@ exist_integration = true ### Optional AWS credentials will be default unless adding one of the following params to the configuration: ``` -profile = "YOUR_PROFILE" +aws_profile = "YOUR_PROFILE" ``` OR ``` -access_key = "YOUR_AWS_ACCESS_KEY" -secret_key = "YOUR_SECRET_KEY" +aws_access_key = "YOUR_AWS_ACCESS_KEY" +aws_secret_key = "YOUR_SECRET_KEY" ``` +OR +``` +aws_assume_role_arn = "YOUR_ROLE_ARN" +aws_session_name = "YOUR_SESSION_NAME" +aws_external_id = "YOUR_EXTERNAL_ID" +``` +OR +``` +aws_assume_web_identity_role_arn = "YOUR_ROLE_ARN" +aws_assume_web_identity_role_token = "YOUR_ROLE_TOKEN" +aws_assume_web_identity_role_token_file = "YOUR_TOKEN_FILE" \ No newline at end of file diff --git a/variables_aws_provider_auth.tf b/variables_aws_provider_auth.tf index d8b5c5f..b070687 100644 --- a/variables_aws_provider_auth.tf +++ b/variables_aws_provider_auth.tf @@ -1,4 +1,3 @@ - variable "aws_profile" { description = "The aws profile to create aws provider with" default = "" @@ -42,19 +41,19 @@ variable "aws_assume_role_external_id" { } variable "aws_assume_web_identity_role_arn" { - description = "The aws assume role arn to create aws provider with" + description = "The aws assume web identity role arn to create aws provider with" default = "" type = string } variable "aws_assume_web_identity_role_token" { - description = "The aws assume role external id to create aws provider with" + description = "Value of a web identity token from an OpenID Connect to create aws provider with" default = "" type = string } variable "aws_assume_web_identity_role_token_file" { - description = "The aws assume role external id to create aws provider with" + description = "A File containing a web identity token from an OpenID Connect to create aws provider with" default = "" type = string } \ No newline at end of file From 123d83feaa2b2228c901d31109c747c35089137d Mon Sep 17 00:00:00 2001 
From: galco5 Date: Wed, 30 Nov 2022 16:59:07 +0200 Subject: [PATCH 3/3] variables names --- README.md | 10 +- main.tf | 170 ++++++++++++++++----------------- variables_aws_provider_auth.tf | 10 +- 3 files changed, 95 insertions(+), 95 deletions(-) diff --git a/README.md b/README.md index 4f1e808..0e377f9 100644 --- a/README.md +++ b/README.md @@ -88,18 +88,18 @@ exist_integration = true ### Optional AWS credentials will be default unless adding one of the following params to the configuration: ``` -aws_profile = "YOUR_PROFILE" +profile = "YOUR_PROFILE" ``` OR ``` -aws_access_key = "YOUR_AWS_ACCESS_KEY" -aws_secret_key = "YOUR_SECRET_KEY" +access_key = "YOUR_AWS_ACCESS_KEY" +secret_key = "YOUR_SECRET_KEY" ``` OR ``` aws_assume_role_arn = "YOUR_ROLE_ARN" -aws_session_name = "YOUR_SESSION_NAME" -aws_external_id = "YOUR_EXTERNAL_ID" +session_name = "YOUR_SESSION_NAME" +external_id = "YOUR_EXTERNAL_ID" ``` OR ``` diff --git a/main.tf b/main.tf index a035cec..97cc4a6 100644 --- a/main.tf +++ b/main.tf @@ -1,15 +1,15 @@ provider "aws" { alias = "ap_northeast_1" region = "ap-northeast-1" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { 
@@ -25,15 +25,15 @@ provider "aws" { provider "aws" { alias = "ap_northeast_2" region = "ap-northeast-2" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { @@ -49,15 +49,15 @@ provider "aws" { provider "aws" { alias = "ap_northeast_3" region = "ap-northeast-3" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { @@ -73,15 +73,15 @@ provider "aws" { provider "aws" { alias = "ap_south_1" region = "ap-south-1" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { 
@@ -97,15 +97,15 @@ provider "aws" { provider "aws" { alias = "ap_southeast_1" region = "ap-southeast-1" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { @@ -121,15 +121,15 @@ provider "aws" { provider "aws" { alias = "ap_southeast_2" region = "ap-southeast-2" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { @@ -145,15 +145,15 @@ provider "aws" { provider "aws" { alias = "ca_central_1" region = "ca-central-1" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { 
@@ -169,15 +169,15 @@ provider "aws" { provider "aws" { alias = "eu_central_1" region = "eu-central-1" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { @@ -193,15 +193,15 @@ provider "aws" { provider "aws" { alias = "eu_north_1" region = "eu-north-1" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { @@ -217,15 +217,15 @@ provider "aws" { provider "aws" { alias = "eu_west_1" region = "eu-west-1" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { 
@@ -241,15 +241,15 @@ provider "aws" { provider "aws" { alias = "eu_west_2" region = "eu-west-2" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { @@ -265,15 +265,15 @@ provider "aws" { provider "aws" { alias = "eu_west_3" region = "eu-west-3" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { @@ -289,15 +289,15 @@ provider "aws" { provider "aws" { alias = "sa_east_1" region = "sa-east-1" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { 
@@ -313,15 +313,15 @@ provider "aws" { provider "aws" { alias = "us_east_1" region = "us-east-1" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { @@ -337,15 +337,15 @@ provider "aws" { provider "aws" { alias = "us_east_2" region = "us-east-2" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { @@ -361,15 +361,15 @@ provider "aws" { provider "aws" { alias = "us_west_1" region = "us-west-1" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { 
@@ -385,15 +385,15 @@ provider "aws" { provider "aws" { alias = "us_west_2" region = "us-west-2" - profile = var.aws_profile - access_key = var.aws_access_key - secret_key = var.aws_secret_key + profile = var.profile + access_key = var.access_key + secret_key = var.secret_key dynamic assume_role { for_each = var.aws_assume_role_arn == "" ? toset([0]) : toset([1]) content { role_arn = var.aws_assume_role_arn - session_name = var.aws_session_name - external_id = var.aws_external_id + session_name = var.session_name + external_id = var.external_id } } dynamic assume_role_with_web_identity { diff --git a/variables_aws_provider_auth.tf b/variables_aws_provider_auth.tf index b070687..5f15c3c 100644 --- a/variables_aws_provider_auth.tf +++ b/variables_aws_provider_auth.tf @@ -1,28 +1,28 @@ -variable "aws_profile" { +variable "profile" { description = "The aws profile to create aws provider with" default = "" type = string } -variable "aws_external_id" { +variable "external_id" { description = "The aws external id to create aws provider with" default = "" type = string } -variable "aws_access_key" { +variable "access_key" { description = "The aws access key to create aws provider with" default = "" type = string } -variable "aws_secret_key" { +variable "secret_key" { description = "The aws secret key to create aws provider with" default = "" type = string } -variable "aws_session_name" { +variable "session_name" { description = "The aws session name to create aws provider with" default = "" type = string