| Name | Version |
|---|---|
| terraform | >= 1.0.3, < 2.0.0 |
| aws | >= 3.30.0 |
| Name | Version |
|---|---|
| aws | 5.44.0 |
No modules.
| Name | Type |
|---|---|
| aws_iam_role.cookielab_api | resource |
| aws_iam_role.cookielab_console | resource |
| aws_iam_role_policy_attachment.cookielab_api_admin | resource |
| aws_iam_role_policy_attachment.cookielab_api_ro | resource |
| aws_iam_role_policy_attachment.cookielab_console_admin | resource |
| aws_iam_role_policy_attachment.cookielab_console_ro | resource |
| aws_iam_policy_document.cookielab_assume_api | data source |
| aws_iam_policy_document.cookielab_assume_console | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| administrator | ReadOnly or Administrator Access | bool |
false |
no |
| assume_from_sso | List of objects containing aws_source_account_id, sso_region and sso_permissions_set_name to be allowed to assume console role |
list(object({ |
[] |
no |
| destination_role_name_api | Role name for API access in destination AWS account | string |
null |
no |
| destination_role_name_console | Role name for Console access in destination AWS account | string |
null |
no |
| destination_role_name_prefix | Prefix for role names in destination AWS account | string |
"zzzzz-" |
no |
| external_id | External ID for link verification | string |
n/a | yes |
| source_role_arn | Role ARN in source AWS account | string |
n/a | yes |
| Name | Description |
|---|---|
| api_role_arn | n/a |
| api_role_name | n/a |
| console_role_arn | n/a |
| console_role_name | n/a |