Version: v1.7

AWS IAM-ASSUMABLE-ROLES-WITH-SAML

Description

Terraform module which creates IAM resources on AWS

Specification

Properties

| Name | Description | Type | Required | Default |
|---|---|---|---|---|
| admin_role_name | IAM role with admin access | string | false | |
| admin_role_path | Path of admin IAM role | string | false | |
| admin_role_permissions_boundary_arn | Permissions boundary ARN to use for admin role | string | false | |
| admin_role_policy_arns | List of policy ARNs to use for admin role | list(string) | false | |
| admin_role_tags | A map of tags to add to admin role resource. | map(string) | false | |
| aws_saml_endpoint | AWS SAML Endpoint | string | false | |
| create_admin_role | Whether to create admin role | bool | false | |
| create_poweruser_role | Whether to create poweruser role | bool | false | |
| create_readonly_role | Whether to create readonly role | bool | false | |
| force_detach_policies | Whether policies should be detached from this role when destroying | bool | false | |
| max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false | |
| poweruser_role_name | IAM role with poweruser access | string | false | |
| poweruser_role_path | Path of poweruser IAM role | string | false | |
| poweruser_role_permissions_boundary_arn | Permissions boundary ARN to use for poweruser role | string | false | |
| poweruser_role_policy_arns | List of policy ARNs to use for poweruser role | list(string) | false | |
| poweruser_role_tags | A map of tags to add to poweruser role resource. | map(string) | false | |
| provider_id | ID of the SAML Provider. Use provider_ids to specify several IDs. | string | false | |
| provider_ids | List of SAML Provider IDs | list(string) | false | |
| readonly_role_name | IAM role with readonly access | string | false | |
| readonly_role_path | Path of readonly IAM role | string | false | |
| readonly_role_permissions_boundary_arn | Permissions boundary ARN to use for readonly role | string | false | |
| readonly_role_policy_arns | List of policy ARNs to use for readonly role | list(string) | false | |
| readonly_role_tags | A map of tags to add to readonly role resource. | map(string) | false | |
| writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | writeConnectionSecretToRef | false | |

writeConnectionSecretToRef

| Name | Description | Type | Required | Default |
|---|---|---|---|---|
| name | The secret name which the cloud resource connection will be written to | string | true | |
| namespace | The secret namespace which the cloud resource connection will be written to | string | false | |