From fe6497f96fa4c452ef9b0966b11ab3909c9dab4e Mon Sep 17 00:00:00 2001
From: Erik Schultink <eschultink@users.noreply.github.com>
Date: Thu, 18 Jul 2024 10:51:11 -0700
Subject: [PATCH] Update example to v0.4.57 (#39)

---
 google-workspace.tf | 2 +-
 main.tf             | 7 ++++---
 msft-365.tf         | 8 ++++----
 variables.tf        | 6 ++++++
 4 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/google-workspace.tf b/google-workspace.tf
index c9f4b76..5ea966a 100644
--- a/google-workspace.tf
+++ b/google-workspace.tf
@@ -7,7 +7,7 @@ provider "google" {
 
 
 module "worklytics_connectors_google_workspace" {
-  source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-google-workspace?ref=v0.4.56"
+  source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-google-workspace?ref=v0.4.57"
 
   providers = {
     google = google.google_workspace
diff --git a/main.tf b/main.tf
index cf09a62..e856d6b 100644
--- a/main.tf
+++ b/main.tf
@@ -20,7 +20,7 @@ terraform {
 
 # general cases
 module "worklytics_connectors" {
-  source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors?ref=v0.4.56"
+  source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors?ref=v0.4.57"
 
   enabled_connectors               = var.enabled_connectors
   jira_cloud_id                    = var.jira_cloud_id
@@ -99,7 +99,7 @@ locals {
 }
 
 module "psoxy" {
-  source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-host?ref=v0.4.56"
+  source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-host?ref=v0.4.57"
 
   environment_name                     = var.environment_name
   aws_account_id                       = var.aws_account_id
@@ -124,6 +124,7 @@ module "psoxy" {
   aws_ssm_key_id                       = var.project_aws_kms_key_arn
   use_api_gateway_v2                   = var.use_api_gateway_v2
   aws_lambda_execution_role_policy_arn = var.aws_lambda_execution_role_policy_arn
+  iam_roles_permissions_boundary       = var.iam_roles_permissions_boundary
   secrets_store_implementation         = var.secrets_store_implementation
   bulk_sanitized_expiration_days       = var.bulk_sanitized_expiration_days
   bulk_input_expiration_days           = var.bulk_input_expiration_days
@@ -155,7 +156,7 @@ locals {
 module "connection_in_worklytics" {
   for_each = local.all_instances
 
-  source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-aws?ref=v0.4.56"
+  source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-aws?ref=v0.4.57"
 
   psoxy_instance_id    = each.key
   worklytics_host      = var.worklytics_host
diff --git a/msft-365.tf b/msft-365.tf
index a54cb1b..69392ca 100644
--- a/msft-365.tf
+++ b/msft-365.tf
@@ -1,7 +1,7 @@
 # BEGIN MSFT
 
 module "worklytics_connectors_msft_365" {
-  source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-msft-365?ref=v0.4.56"
+  source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-msft-365?ref=v0.4.57"
 
   enabled_connectors                  = var.enabled_connectors
   environment_id                      = var.environment_name
@@ -45,7 +45,7 @@ data "aws_region" "current" {
 module "cognito_identity_pool" {
   count = local.msft_365_enabled ? 1 : 0 # only provision identity pool if MSFT-365 connectors are enabled
 
-  source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-pool?ref=v0.4.56"
+  source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-pool?ref=v0.4.57"
 
   developer_provider_name = local.developer_provider_name
   name                    = "${local.env_qualifier}-azure-ad-federation"
@@ -67,7 +67,7 @@ locals {
 module "cognito_identity" {
   count = local.msft_365_enabled ? 1 : 0 # only provision identity pool if MSFT-365 connectors are enabled
 
-  source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-identity-cli?ref=v0.4.56"
+  source = "git::https://github.com/worklytics/psoxy//infra/modules/aws-cognito-identity-cli?ref=v0.4.57"
 
   aws_region       = data.aws_region.current.id
   aws_role         = var.aws_assume_role_arn
@@ -103,7 +103,7 @@ locals {
 module "msft_connection_auth_federation" {
   for_each = local.provision_entraid_apps ? local.enabled_to_entraid_object : local.shared_to_entraid_object
 
-  source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.56"
+  source = "git::https://github.com/worklytics/psoxy//infra/modules/azuread-federated-credentials?ref=v0.4.57"
 
   application_object_id = each.value.connector_id
   display_name          = "${local.env_qualifier}AccessFromAWS"
diff --git a/variables.tf b/variables.tf
index 7450b2f..da0aa4f 100644
--- a/variables.tf
+++ b/variables.tf
@@ -36,6 +36,12 @@ variable "aws_region" {
   default     = "us-east-1"
 }
 
+variable "iam_roles_permissions_boundary" {
+  type        = string
+  description = "*beta* ARN of the permissions boundary to attach to IAM roles created by this module."
+  default     = null
+}
+
 variable "default_tags" {
   type        = map(string)
   description = "Tags to apply to all resources created by this configuration. See https://registry.terraform.io/providers/hashicorp/aws/latest/docs#default_tags for more info."