Skip to content

Commit

Permalink
Merge pull request #492 from ministryofjustice/fix/unused-output
Browse files Browse the repository at this point in the history 
Fixed broken output for iam user names
  • Loading branch information
@dms1981
dms1981 authored Oct 10, 2024
2 parents 984d317 + a8d5e1c commit bea5d08
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 11 deletions.
16 changes: 8 additions & 8 deletions main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,23 +4,23 @@
# - if a keybase key is provided, it will also create their user login profile
locals {
superadmin_users = {
"aaron.robinson" = ""
"david.elliott" = "keybase:davidkelliott"
"david.sibley" = ""
"ewa.stempel" = ""
"edward.proctor" = ""
"khatra.farah" = ""
"kudzai.mtoko" = ""
"mark.roberts" = ""
"aaron.robinson" = ""
"mike.reid" = ""
"richard.green" = ""
"sukesh.reddygade" = ""
"khatra.farah" = ""
"mike.reid" = ""
"kudzai.mtoko" = ""
}
}

# Create the initial IAM account referential
module "iam_account" {
source = "github.com/terraform-aws-modules/terraform-aws-iam.git//modules/iam-account?ref=25e2bf9f9f4757a7014b55db981be9d2beeab445"
source = "github.com/terraform-aws-modules/terraform-aws-iam.git//modules/iam-account?ref=617f4cbaef43e437233468dbeb743acf4069894e" #v5.46.0
account_alias = var.account_alias

# We create the password policy as part of `modernisation-platform-terraform-baselines` so
Expand All @@ -42,7 +42,7 @@ resource "time_sleep" "wait_30_seconds" {

# Create assumable roles with managed policies
module "iam_assumable_roles" {
source = "github.com/terraform-aws-modules/terraform-aws-iam.git//modules/iam-assumable-roles?ref=25e2bf9f9f4757a7014b55db981be9d2beeab445"
source = "github.com/terraform-aws-modules/terraform-aws-iam.git//modules/iam-assumable-roles?ref=617f4cbaef43e437233468dbeb743acf4069894e" #v5.46.0
max_session_duration = 43200

# Admin role
Expand Down Expand Up @@ -71,7 +71,7 @@ module "iam_assumable_roles" {
# Attach created users to a AWS IAM group, with several policies
#tfsec:ignore:aws-iam-enforce-group-mfa
module "iam_group_admins_with_policies" {
source = "github.com/terraform-aws-modules/terraform-aws-iam.git//modules/iam-group-with-policies?ref=25e2bf9f9f4757a7014b55db981be9d2beeab445"
source = "github.com/terraform-aws-modules/terraform-aws-iam.git//modules/iam-group-with-policies?ref=617f4cbaef43e437233468dbeb743acf4069894e" #v5.46.0
name = "superadmins"

group_users = [
Expand All @@ -97,7 +97,7 @@ module "iam_group_admins_with_policies" {
# Create each user
module "iam_user" {
for_each = local.superadmin_users
source = "github.com/terraform-aws-modules/terraform-aws-iam.git//modules/iam-user?ref=25e2bf9f9f4757a7014b55db981be9d2beeab445"
source = "github.com/terraform-aws-modules/terraform-aws-iam.git//modules/iam-user?ref=617f4cbaef43e437233468dbeb743acf4069894e" #v5.46.0
name = "${each.key}-superadmin"
force_destroy = true
pgp_key = each.value
Expand Down
7 changes: 4 additions & 3 deletions outputs.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ output "superadmin_passwords" {
description = "Map of users and PGP-encrypted passwords, e.g. { bob: 'abcdefg123456' }"
}

output "iam_user_name" {
value = aws_iam_user.this[*].name
}
output "iam_user_names" {
value = [for user in module.iam_user : user.iam_user_name]
description = "List of usernames for simple validation"
}

0 comments on commit bea5d08

Please sign in to comment.