kubevela
/
kubevela.github.io
mirror of https://github.com/kubevela/kubevela.github.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
kubevela.github.io/docs/end-user/components/cloud-services/terraform/aws-iam-assumable-roles-wit...

48 lines
2.8 KiB
Markdown
Raw Blame History

---
title: AWS IAM-ASSUMABLE-ROLES-WITH-SAML
---
## Description
Terraform module which creates IAM resources on AWS
## Specification
### Properties
Name | Description | Type | Required | Default
------------ | ------------- | ------------- | ------------- | -------------
admin_role_name | IAM role with admin access | string | false |
admin_role_path | Path of admin IAM role | string | false |
admin_role_permissions_boundary_arn | Permissions boundary ARN to use for admin role | string | false |
admin_role_policy_arns | List of policy ARNs to use for admin role | list(string) | false |
admin_role_tags | A map of tags to add to admin role resource. | map(string) | false |
aws_saml_endpoint | AWS SAML Endpoint | string | false |
create_admin_role | Whether to create admin role | bool | false |
create_poweruser_role | Whether to create poweruser role | bool | false |
create_readonly_role | Whether to create readonly role | bool | false |
force_detach_policies | Whether policies should be detached from this role when destroying | bool | false |
max_session_duration | Maximum CLI/API session duration in seconds between 3600 and 43200 | number | false |
poweruser_role_name | IAM role with poweruser access | string | false |
poweruser_role_path | Path of poweruser IAM role | string | false |
poweruser_role_permissions_boundary_arn | Permissions boundary ARN to use for poweruser role | string | false |
poweruser_role_policy_arns | List of policy ARNs to use for poweruser role | list(string) | false |
poweruser_role_tags | A map of tags to add to poweruser role resource. | map(string) | false |
provider_id | ID of the SAML Provider. Use provider_ids to specify several IDs. | string | false |
provider_ids | List of SAML Provider IDs | list(string) | false |
readonly_role_name | IAM role with readonly access | string | false |
readonly_role_path | Path of readonly IAM role | string | false |
readonly_role_permissions_boundary_arn | Permissions boundary ARN to use for readonly role | string | false |
readonly_role_policy_arns | List of policy ARNs to use for readonly role | list(string) | false |
readonly_role_tags | A map of tags to add to readonly role resource. | map(string) | false |
writeConnectionSecretToRef | The secret which the cloud resource connection will be written to | [writeConnectionSecretToRef](#writeConnectionSecretToRef) | false |
#### writeConnectionSecretToRef
Name | Description | Type | Required | Default
------------ | ------------- | ------------- | ------------- | -------------
name | The secret name which the cloud resource connection will be written to | string | true |
namespace | The secret namespace which the cloud resource connection will be written to | string | false |
Reference in New Issue View Git Blame Copy Permalink