fix: Add missing condition role_session_name when assuming a role (#418)

terraform-aws-modules · Aug 30, 2023 · 89d011e · 89d011e
1 parent 2ce2fd1
commit 89d011e
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/modules/iam-assumable-role/main.tf b/modules/iam-assumable-role/main.tf
@@ -55,6 +55,15 @@ data "aws_iam_policy_document" "assume_role" {
         values   = local.role_sts_externalid
       }
     }
+
+    dynamic "condition" {
+      for_each = var.role_requires_session_name ? [1] : []
+      content {
+        test     = "StringEquals"
+        variable = "sts:RoleSessionName"
+        values   = var.role_session_name
+      }
+    }
   }
 }