Adding a variabe to use an aws role without creating one (#74)

* update to use non-depracated modules and to use python3 * updated the workflow for aws-ansible to only run when changes are made to that directory * add var for aws_iam role when create role is false * syntax fix for new aws role var
kentik · Apr 20, 2024 · c3073fa · c3073fa
1 parent 6897321
commit c3073fa
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/cloud_AWS/terraform/module/cloudexport.tf b/cloud_AWS/terraform/module/cloudexport.tf
@@ -21,7 +21,7 @@ resource "kentik-cloudexport_item" "aws_export" {
       for bucketobject in aws_s3_bucket.vpc_logs :
       (var.s3_flowlogs_path == "" ? bucketobject.bucket : "${bucketobject.bucket}/${var.s3_flowlogs_path}")
     ])
-    iam_role_arn      = var.create_role ? aws_iam_role.kentik_role[0].arn : ""
+    iam_role_arn      = var.create_role ? aws_iam_role.kentik_role[0].arn : var.aws_iam_role_no_create
     region            = var.region
     delete_after_read = var.delete_after_read
     multiple_buckets  = var.multiple_buckets

diff --git a/cloud_AWS/terraform/module/variables.tf b/cloud_AWS/terraform/module/variables.tf
@@ -101,3 +101,9 @@ variable "external_id" {
   type        = string
   default     = ""
 }
+
+variable "aws_iam_role_no_create" {
+  description = "AWS Role to use if create role is false"
+  type        = string
+  default     = ""
+}