From 3c59715be4f5fc54810bd6565b1f74f6a98679f2 Mon Sep 17 00:00:00 2001
From: Leandro Carneiro <42899277+carnei-ro@users.noreply.github.com>
Date: Wed, 7 Apr 2021 08:18:28 -0300
Subject: [PATCH] feat: Add role unique_id output in iam-assumable-role module
(#143)
---
.github/workflows/pre-commit.yml | 38 +++++++++++++--------------
modules/iam-assumable-role/README.md | 1 +
modules/iam-assumable-role/outputs.tf | 5 ++++
3 files changed, 25 insertions(+), 19 deletions(-)
diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
index 7eaa782b..59cd0a89 100644
--- a/.github/workflows/pre-commit.yml
+++ b/.github/workflows/pre-commit.yml
@@ -7,30 +7,30 @@ on:
- master
jobs:
-# Min Terraform version(s)
+ # Min Terraform version(s)
getDirectories:
- name: Get root directories
- runs-on: ubuntu-latest
- steps:
- - name: Checkout
- uses: actions/checkout@v2
- - name: Install Python
- uses: actions/setup-python@v2
- - name: Build matrix
- id: matrix
- run: |
- DIRS=$(python -c "import json; import glob; print(json.dumps([x.replace('/versions.tf', '') for x in glob.glob('./**/versions.tf', recursive=True)]))")
- echo "::set-output name=directories::$DIRS"
- outputs:
- directories: ${{ steps.matrix.outputs.directories }}
+ name: Get root directories
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+ - name: Install Python
+ uses: actions/setup-python@v2
+ - name: Build matrix
+ id: matrix
+ run: |
+ DIRS=$(python -c "import json; import glob; print(json.dumps([x.replace('/versions.tf', '') for x in glob.glob('./**/versions.tf', recursive=True)]))")
+ echo "::set-output name=directories::$DIRS"
+ outputs:
+ directories: ${{ steps.matrix.outputs.directories }}
preCommitMinVersions:
name: Min TF validate
needs: getDirectories
runs-on: ubuntu-latest
strategy:
- matrix:
- directory: ${{ fromJson(needs.getDirectories.outputs.directories) }}
+ matrix:
+ directory: ${{ fromJson(needs.getDirectories.outputs.directories) }}
steps:
- name: Checkout
uses: actions/checkout@v2
@@ -59,7 +59,7 @@ jobs:
pre-commit run terraform_validate --color=always --show-diff-on-failure --files $(ls *.tf)
-# Max Terraform version
+ # Max Terraform version
getBaseVersion:
name: Module max TF version
runs-on: ubuntu-latest
@@ -94,7 +94,7 @@ jobs:
- name: Install pre-commit dependencies
run: |
pip install pre-commit
- curl -L "$(curl -s https://api.github.com/repos/terraform-docs/terraform-docs/releases/latest | grep -o -E "https://.+?-v0.12.0-linux-amd64" | head -n1)" > terraform-docs && chmod +x terraform-docs && sudo mv terraform-docs /usr/bin/
+ curl -L "$(curl -s https://api.github.com/repos/terraform-docs/terraform-docs/releases/latest | grep -o -E "https://.+?-v0.12\..+?-linux-amd64" | head -n1)" > terraform-docs && chmod +x terraform-docs && sudo mv terraform-docs /usr/bin/
curl -L "$(curl -s https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")" > tflint.zip && unzip tflint.zip && rm tflint.zip && sudo mv tflint /usr/bin/
- name: Execute pre-commit
# Run all pre-commit checks on max version supported
diff --git a/modules/iam-assumable-role/README.md b/modules/iam-assumable-role/README.md
index 6c4a2e59..79306243 100644
--- a/modules/iam-assumable-role/README.md
+++ b/modules/iam-assumable-role/README.md
@@ -75,4 +75,5 @@ No modules.
| [this\_iam\_role\_arn](#output\_this\_iam\_role\_arn) | ARN of IAM role |
| [this\_iam\_role\_name](#output\_this\_iam\_role\_name) | Name of IAM role |
| [this\_iam\_role\_path](#output\_this\_iam\_role\_path) | Path of IAM role |
+| [this\_iam\_role\_unique\_id](#output\_this\_iam\_role\_unique\_id) | Unique ID of IAM role |
diff --git a/modules/iam-assumable-role/outputs.tf b/modules/iam-assumable-role/outputs.tf
index 10497370..90f74677 100644
--- a/modules/iam-assumable-role/outputs.tf
+++ b/modules/iam-assumable-role/outputs.tf
@@ -13,6 +13,11 @@ output "this_iam_role_path" {
value = element(concat(aws_iam_role.this.*.path, [""]), 0)
}
+output "this_iam_role_unique_id" {
+ description = "Unique ID of IAM role"
+ value = element(concat(aws_iam_role.this.*.unique_id, [""]), 0)
+}
+
output "role_requires_mfa" {
description = "Whether IAM role requires MFA"
value = var.role_requires_mfa