From 8923059637f08af8d97f4dba98d422d9da582f86 Mon Sep 17 00:00:00 2001 From: Sebastian Voss <1159262+sebastianvoss@users.noreply.github.com> Date: Fri, 16 Aug 2024 18:55:36 +0200 Subject: [PATCH] Add role_requires_session_name --- wrappers/iam-assumable-roles/main.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/wrappers/iam-assumable-roles/main.tf b/wrappers/iam-assumable-roles/main.tf index ca3a5c92..fa8ee8ca 100644 --- a/wrappers/iam-assumable-roles/main.tf +++ b/wrappers/iam-assumable-roles/main.tf @@ -28,6 +28,8 @@ module "wrapper" { readonly_role_policy_arns = try(each.value.readonly_role_policy_arns, var.defaults.readonly_role_policy_arns, ["arn:aws:iam::aws:policy/ReadOnlyAccess"]) readonly_role_requires_mfa = try(each.value.readonly_role_requires_mfa, var.defaults.readonly_role_requires_mfa, true) readonly_role_tags = try(each.value.readonly_role_tags, var.defaults.readonly_role_tags, {}) + role_requires_session_name = try(each.value.role_requires_session_name, var.defaults.role_requires_session_name, false) + role_session_name = try(each.value.role_session_name, var.defaults.role_session_name, ["$${aws:username}"]) trusted_role_actions = try(each.value.trusted_role_actions, var.defaults.trusted_role_actions, ["sts:AssumeRole", "sts:TagSession"]) trusted_role_arns = try(each.value.trusted_role_arns, var.defaults.trusted_role_arns, []) trusted_role_services = try(each.value.trusted_role_services, var.defaults.trusted_role_services, [])