Terraform Module for CDP Credential Prerequisites on AWS

This module contains resource files and example variable definition files for creating the Cloudera Data Platform (CDP) Public Cloud Cross Account Credential prerequisite on AWS.

Support for using a pre-existing Cross Account Role is provided via the existing_xaccount_role_name input variable. When this is set, no policy or role resources are created. Instead, the module looks up the details of the existing role and returns the role ARN.

Usage

The examples directory has the following examples for Cross Account Credentials on AWS:

  • ex01-minimal-inputs uses the minimum set of inputs for the module where the Cross Account policy and roles are to be created.

  • ex02-existing-role passes a pre-existing Cross Account role to the module. In this case no resources are created.

In each directory an example terraform.tfvars.sample values file is included to show input variable values.
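
When existing_xaccount_role_name is set, the module creates nothing and only looks the role up, so the role's trust policy is whatever was configured outside Terraform. The following added example (not part of this module) checks a trust policy document against the expected xaccount_account_id and xaccount_external_id, assuming the standard IAM form of an sts:AssumeRole statement with an sts:ExternalId condition; the account ID, external ID and both policy documents are constructed samples.

```python
import json

def _as_list(value):
    # IAM accepts a single string or a list wherever a set of values is expected.
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _account_of(principal):
    # Accept a bare account ID or an arn:aws:iam::<account>:... principal.
    parts = principal.split(":")
    return parts[4] if principal.startswith("arn:") and len(parts) > 4 else principal

def audit_trust_policy(policy_json, expected_account_id, expected_external_id):
    """Return findings for each Allow statement that grants sts:AssumeRole."""
    findings, granting = [], 0
    for n, stmt in enumerate(_as_list(json.loads(policy_json).get("Statement"))):
        actions = {a.lower() for a in _as_list(stmt.get("Action"))}
        if stmt.get("Effect") != "Allow" or not actions & {"sts:assumerole", "sts:*", "*"}:
            continue
        granting += 1
        principal = stmt.get("Principal")
        if not isinstance(principal, dict) or set(principal) != {"AWS"}:
            findings.append(f"statement {n}: principal is not limited to AWS accounts")
        else:
            for p in _as_list(principal["AWS"]):
                if _account_of(p) != expected_account_id:
                    findings.append(f"statement {n}: unexpected principal {p}")
        equals = (stmt.get("Condition") or {}).get("StringEquals", {})
        ext_ids = [v for key, vals in equals.items() if key.lower() == "sts:externalid"
                   for v in _as_list(vals)]
        if ext_ids != [expected_external_id]:
            findings.append(f"statement {n}: sts:ExternalId condition missing or different")
    if granting == 0:
        findings.append("no statement allows sts:AssumeRole")
    return findings

# Constructed sample values; the real account ID and external ID come from CDP.
ACCOUNT_ID, EXTERNAL_ID = "111122223333", "example-external-id"
GOOD = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": f"arn:aws:iam::{ACCOUNT_ID}:root"},
    "Condition": {"StringEquals": {"sts:ExternalId": EXTERNAL_ID}}}]})
WEAK = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "sts:AssumeRole",
    "Principal": {"AWS": "arn:aws:iam::999999999999:root"}}]})
if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("WEAK", WEAK)):
        print(name, audit_trust_policy(doc, ACCOUNT_ID, EXTERNAL_ID) or "ok")
```

The policy JSON for a real role is the AssumeRolePolicyDocument field returned by aws iam get-role.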

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.3.0 |
| aws | ~>5.30 |
| time | 0.9.1 |

Providers

| Name | Version |
|------|---------|
| aws | ~>5.30 |
| time | 0.9.1 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_iam_role.cdp_xaccount_role | resource |
| aws_iam_role_policy.cdp_xaccount_policy | resource |
| time_sleep.iam_propagation | resource |
| aws_iam_policy_document.cdp_xaccount_role_policy_doc | data source |
| aws_iam_role.existing_xaccount_role | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| existing_xaccount_role_name | Name of existing CDP Cross Account Role. If set then no policy or role resources are created. | string | null | no |
| tags | Tags applied to provisioned resources | map(any) | null | no |
| xaccount_account_id | Account ID of the cross account. Required if xaccount resources are to be created. | string | null | no |
| xaccount_account_policy_doc | Contents of cross account policy document. Required if xaccount resources are to be created. | string | null | no |
| xaccount_external_id | External ID of the cross account. Required if xaccount resources are to be created. | string | null | no |
| xaccount_policy_name | Cross Account Policy name. Required if xaccount resources are to be created. | string | null | no |
| xaccount_role_name | Cross Account assume role name. Required if xaccount resources are to be created. | string | null | no |

Outputs

| Name | Description |
|------|-------------|
| aws_xaccount_role_arn | Cross Account role ARN |
| aws_xaccount_role_name | Cross Account role name |