From c3073fa65d5935a0f8a4a05796c5a29bdbf282b7 Mon Sep 17 00:00:00 2001
From: kentikethan <119891787+kentikethan@users.noreply.github.com>
Date: Fri, 19 Apr 2024 18:19:54 -0700
Subject: [PATCH] Adding a variabe to use an aws role without creating one (#74)

* update to use non-depracated modules and to use python3
* updated the workflow for aws-ansible to only run when changes are made to that directory
* add var for aws_iam role when create role is false
* syntax fix for new aws role var
---
 cloud_AWS/terraform/module/cloudexport.tf | 2 +-
 cloud_AWS/terraform/module/variables.tf | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/cloud_AWS/terraform/module/cloudexport.tf b/cloud_AWS/terraform/module/cloudexport.tf
index 4d9dea0..cad00ea 100644
--- a/cloud_AWS/terraform/module/cloudexport.tf
+++ b/cloud_AWS/terraform/module/cloudexport.tf
@@ -21,7 +21,7 @@ resource "kentik-cloudexport_item" "aws_export" {
 for bucketobject in aws_s3_bucket.vpc_logs :
 (var.s3_flowlogs_path == "" ? bucketobject.bucket : "${bucketobject.bucket}/${var.s3_flowlogs_path}")
 ])
- iam_role_arn = var.create_role ? aws_iam_role.kentik_role[0].arn : ""
+ iam_role_arn = var.create_role ? aws_iam_role.kentik_role[0].arn : var.aws_iam_role_no_create
 region = var.region
 delete_after_read = var.delete_after_read
 multiple_buckets = var.multiple_buckets
diff --git a/cloud_AWS/terraform/module/variables.tf b/cloud_AWS/terraform/module/variables.tf
index 060e357..9e9e56f 100644
--- a/cloud_AWS/terraform/module/variables.tf
+++ b/cloud_AWS/terraform/module/variables.tf
@@ -101,3 +101,9 @@ variable "external_id" {
 type = string
 default = ""
 }
+
+variable "aws_iam_role_no_create" {
+ description = "AWS Role to use if create role is false"
+ type = string
+ default = ""
+}
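Review bot: On the `iam_role_arn` line, the else branch hands a caller-supplied role to the export without the module controlling who may assume it or what it can read. The created role's policies are not visible in this hunk, but a pre-existing role presumably needs the same trust relationship (Kentik's principal, with the `sts:ExternalId` condition if `external_id` is in use) and read-only access scoped to the flow-log bucket(s); a broader role would extend that access to the third-party exporter. I would state this next to the line, for example `# create_role = false: the supplied role must already trust the Kentik principal and grant only read access to the flow-log bucket(s)`. The resource block starts and ends outside the hunk.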
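Review bot: The new `aws_iam_role_no_create` variable is consumed as `iam_role_arn`, yet its description says only "AWS Role" and nothing checks the value, so a role name, a typo or the empty default reaches the provider unchanged. With `create_role = false` and the default left in place the export still gets `""`, the same result as before this change. I would describe the value as an ARN and add a `validation` block that accepts either the empty string or an IAM role ARN. Rejecting an empty value specifically when `create_role` is false needs a cross-variable check, which depends on the Terraform version the module supports.

```hcl
variable "aws_iam_role_no_create" {
  description = "ARN of an existing IAM role to use when create_role is false"
  # … unchanged: type, default …

  validation {
    condition = (
      var.aws_iam_role_no_create == "" ||
      can(regex("^arn:aws[a-z-]*:iam::[0-9]{12}:role/.+$", var.aws_iam_role_no_create))
    )
    error_message = "The aws_iam_role_no_create value must be empty or an IAM role ARN of the form arn:aws:iam::<account-id>:role/<role-name>."
  }
}
```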