-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
59 lines (51 loc) · 1.47 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
//
// identity provider variables
//
variable "tfc_organization" {
type = string
description = "Name of the organization"
}
variable "tfc_project" {
type = string
description = "Name of the terraform cloud/enterprise project"
}
variable "tfc_aws_audience" {
type = string
description = "AWS audience"
default = "aws.workload.identity"
}
variable "tfc_hostname" {
type = string
default = "app.terraform.io"
description = "The hostname of the TFC or TFE instance you'd like to use with AWS"
}
//
// dynamic credentials roles
//
variable "dynamic_credentials_role_name_override" {
type = string
default = "terraform-cloud-dynamic-credentials"
description = "The name of the IAM role to create. If not set, the name will be generated automatically."
}
variable "statements" {
type = set(object({
org_name = string
project_name = string
workspace = string
run_phase = optional(string, "*")
}))
description = "The list of statements to use for the trust relationship"
validation {
condition = length(var.statements) > 0
error_message = "At least one statement must be provided"
}
}
variable "policies" {
type = set(object({
Effect = string
Action = set(string)
Resource = string
}))
default = []
description = "A list of custom policies to attach to the IAM role. By default the provider will be allowed to perform all actions on all ec2 resources."
}