| Name | Version |
|---|---|
| terraform | ~> 1 |
| aws | >= 4, < 6 |
| tls | >= 4, < 5 |

| Name | Version |
|---|---|
| aws | 5.82.2 |
| tls | 4.0.6 |

No modules.

| Name | Type |
|---|---|
| aws_iam_openid_connect_provider.provider | resource |
| aws_iam_role.role | resource |
| aws_iam_role_policy_attachment.admin | resource |
| aws_iam_role_policy_attachment.custom | resource |
| aws_iam_role_policy_attachment.read_only | resource |
| aws_iam_openid_connect_provider.provider | data source |
| aws_iam_policy_document.assume_role | data source |
| aws_partition.current | data source |
| tls_certificate.provider | data source |

| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| attach_admin_policy | Attach AdministratorAccess policy | bool | false | no |
| attach_read_only_policy | Attach ReadOnly policy | bool | true | no |
| create_oidc_provider | Create GitHub OIDC provider | bool | true | no |
| enabled | Enable resource creation | bool | true | no |
| force_detach_policies | Force detach IAM policies | bool | false | no |
| github_organisation | GitHub organisation name | string | n/a | yes |
| github_repositories | GitHub repository names and branches | list(object({ | [ | no |
| iam_role_name | IAM role name | string | "github-actions" | no |
| iam_role_path | IAM role path | string | "/" | no |
| iam_role_permissions_boundary | IAM role permissions boundary ARN | string | "" | no |
| iam_role_policy_arns | IAM policy ARNs to attach | list(string) | [] | no |
| max_session_duration | Session duration in seconds | number | 3600 | no |
| tags | Tags to apply to resources | map(string) | {} | no |
| url | Identity provider URL | string | "token.actions.githubusercontent.com" | no |

| Name | Description |
|---|---|
| repositories | List of GitHub repositories and branches |
| role_arn | AWS role ARN |
| role_id | AWS role ID |