diff --git a/examples/iam-account/README.md b/examples/iam-account/README.md
index 36726a8b..540651c4 100644
--- a/examples/iam-account/README.md
+++ b/examples/iam-account/README.md
@@ -19,8 +19,8 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
diff --git a/examples/iam-account/versions.tf b/examples/iam-account/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/examples/iam-account/versions.tf
+++ b/examples/iam-account/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-assumable-role-with-oidc/README.md b/examples/iam-assumable-role-with-oidc/README.md
index 20e3742d..76686b05 100644
--- a/examples/iam-assumable-role-with-oidc/README.md
+++ b/examples/iam-assumable-role-with-oidc/README.md
@@ -19,8 +19,8 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
diff --git a/examples/iam-assumable-role-with-oidc/versions.tf b/examples/iam-assumable-role-with-oidc/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/examples/iam-assumable-role-with-oidc/versions.tf
+++ b/examples/iam-assumable-role-with-oidc/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-assumable-role-with-saml/README.md b/examples/iam-assumable-role-with-saml/README.md
index 6fbb43db..8833fffb 100644
--- a/examples/iam-assumable-role-with-saml/README.md
+++ b/examples/iam-assumable-role-with-saml/README.md
@@ -19,14 +19,14 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/examples/iam-assumable-role-with-saml/versions.tf b/examples/iam-assumable-role-with-saml/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/examples/iam-assumable-role-with-saml/versions.tf
+++ b/examples/iam-assumable-role-with-saml/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-assumable-role/README.md b/examples/iam-assumable-role/README.md
index 8fd6b4e9..e66df7f8 100644
--- a/examples/iam-assumable-role/README.md
+++ b/examples/iam-assumable-role/README.md
@@ -21,14 +21,14 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/examples/iam-assumable-role/versions.tf b/examples/iam-assumable-role/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/examples/iam-assumable-role/versions.tf
+++ b/examples/iam-assumable-role/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-assumable-roles-with-saml/README.md b/examples/iam-assumable-roles-with-saml/README.md
index 012a47f2..1c37a74c 100644
--- a/examples/iam-assumable-roles-with-saml/README.md
+++ b/examples/iam-assumable-roles-with-saml/README.md
@@ -19,14 +19,14 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/examples/iam-assumable-roles-with-saml/versions.tf b/examples/iam-assumable-roles-with-saml/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/examples/iam-assumable-roles-with-saml/versions.tf
+++ b/examples/iam-assumable-roles-with-saml/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-assumable-roles/README.md b/examples/iam-assumable-roles/README.md
index ca542cb3..ba49e85e 100644
--- a/examples/iam-assumable-roles/README.md
+++ b/examples/iam-assumable-roles/README.md
@@ -19,8 +19,8 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
diff --git a/examples/iam-assumable-roles/versions.tf b/examples/iam-assumable-roles/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/examples/iam-assumable-roles/versions.tf
+++ b/examples/iam-assumable-roles/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-eks-role/README.md b/examples/iam-eks-role/README.md
index beb9e459..99c0b47d 100644
--- a/examples/iam-eks-role/README.md
+++ b/examples/iam-eks-role/README.md
@@ -19,15 +19,15 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
| [random](#requirement\_random) | >= 2.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
| [random](#provider\_random) | >= 2.0 |
## Modules
diff --git a/examples/iam-eks-role/main.tf b/examples/iam-eks-role/main.tf
index 4a674619..d51105f9 100644
--- a/examples/iam-eks-role/main.tf
+++ b/examples/iam-eks-role/main.tf
@@ -14,9 +14,9 @@ module "iam_eks_role" {
Name = "eks-role"
}
- role_policy_arns = [
- "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"
- ]
+ role_policy_arns = {
+ AmazonEKS_CNI_Policy = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"
+ }
}
##################
@@ -41,6 +41,7 @@ module "eks" {
##################################################################
# Data sources to get VPC, subnet, security group and AMI details
##################################################################
+
data "aws_vpc" "default" {
default = true
}
diff --git a/examples/iam-eks-role/versions.tf b/examples/iam-eks-role/versions.tf
index a319a2ab..981f3b19 100644
--- a/examples/iam-eks-role/versions.tf
+++ b/examples/iam-eks-role/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
random = {
source = "hashicorp/random"
diff --git a/examples/iam-group-complete/README.md b/examples/iam-group-complete/README.md
index 8a355319..326fe088 100644
--- a/examples/iam-group-complete/README.md
+++ b/examples/iam-group-complete/README.md
@@ -21,8 +21,8 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
diff --git a/examples/iam-group-complete/versions.tf b/examples/iam-group-complete/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/examples/iam-group-complete/versions.tf
+++ b/examples/iam-group-complete/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-group-with-assumable-roles-policy/README.md b/examples/iam-group-with-assumable-roles-policy/README.md
index 1827d39d..ebe96657 100644
--- a/examples/iam-group-with-assumable-roles-policy/README.md
+++ b/examples/iam-group-with-assumable-roles-policy/README.md
@@ -19,15 +19,15 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
-| [aws.production](#provider\_aws.production) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
+| [aws.production](#provider\_aws.production) | >= 4.0 |
## Modules
diff --git a/examples/iam-group-with-assumable-roles-policy/versions.tf b/examples/iam-group-with-assumable-roles-policy/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/examples/iam-group-with-assumable-roles-policy/versions.tf
+++ b/examples/iam-group-with-assumable-roles-policy/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-group-with-policies/README.md b/examples/iam-group-with-policies/README.md
index 3d31fd66..a01542d1 100644
--- a/examples/iam-group-with-policies/README.md
+++ b/examples/iam-group-with-policies/README.md
@@ -19,14 +19,14 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/examples/iam-group-with-policies/versions.tf b/examples/iam-group-with-policies/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/examples/iam-group-with-policies/versions.tf
+++ b/examples/iam-group-with-policies/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-policy/README.md b/examples/iam-policy/README.md
index 962b55b7..f3584a9a 100644
--- a/examples/iam-policy/README.md
+++ b/examples/iam-policy/README.md
@@ -19,14 +19,14 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/examples/iam-policy/versions.tf b/examples/iam-policy/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/examples/iam-policy/versions.tf
+++ b/examples/iam-policy/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-read-only-policy/README.md b/examples/iam-read-only-policy/README.md
index c998b610..acd5d611 100644
--- a/examples/iam-read-only-policy/README.md
+++ b/examples/iam-read-only-policy/README.md
@@ -19,14 +19,14 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/examples/iam-read-only-policy/versions.tf b/examples/iam-read-only-policy/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/examples/iam-read-only-policy/versions.tf
+++ b/examples/iam-read-only-policy/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-role-for-service-accounts-eks/README.md b/examples/iam-role-for-service-accounts-eks/README.md
index 85067395..625a5bfa 100644
--- a/examples/iam-role-for-service-accounts-eks/README.md
+++ b/examples/iam-role-for-service-accounts-eks/README.md
@@ -19,12 +19,14 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.13.1 |
-| [aws](#requirement\_aws) | >= 3.0 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
-No providers.
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
@@ -38,7 +40,7 @@ No providers.
| [disabled](#module\_disabled) | ../../modules/iam-role-for-service-accounts-eks | n/a |
| [ebs\_csi\_irsa\_role](#module\_ebs\_csi\_irsa\_role) | ../../modules/iam-role-for-service-accounts-eks | n/a |
| [efs\_csi\_irsa\_role](#module\_efs\_csi\_irsa\_role) | ../../modules/iam-role-for-service-accounts-eks | n/a |
-| [eks](#module\_eks) | terraform-aws-modules/eks/aws | ~> 18.6 |
+| [eks](#module\_eks) | terraform-aws-modules/eks/aws | ~> 18.21 |
| [external\_dns\_irsa\_role](#module\_external\_dns\_irsa\_role) | ../../modules/iam-role-for-service-accounts-eks | n/a |
| [external\_secrets\_irsa\_role](#module\_external\_secrets\_irsa\_role) | ../../modules/iam-role-for-service-accounts-eks | n/a |
| [fsx\_lustre\_csi\_irsa\_role](#module\_fsx\_lustre\_csi\_irsa\_role) | ../../modules/iam-role-for-service-accounts-eks | n/a |
@@ -54,7 +56,9 @@ No providers.
## Resources
-No resources.
+| Name | Type |
+|------|------|
+| [aws_iam_policy.additional](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
## Inputs
diff --git a/examples/iam-role-for-service-accounts-eks/main.tf b/examples/iam-role-for-service-accounts-eks/main.tf
index 68ccf99f..dd6b4dcd 100644
--- a/examples/iam-role-for-service-accounts-eks/main.tf
+++ b/examples/iam-role-for-service-accounts-eks/main.tf
@@ -3,9 +3,8 @@ provider "aws" {
}
locals {
- name = "ex-iam-eks-role"
- cluster_version = "1.21"
- region = "eu-west-1"
+ name = "ex-iam-eks-role"
+ region = "eu-west-1"
tags = {
Example = local.name
@@ -40,9 +39,10 @@ module "irsa_role" {
}
}
- role_policy_arns = [
- "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"
- ]
+ role_policy_arns = {
+ AmazonEKS_CNI_Policy = "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"
+ additional = aws_iam_policy.additional.arn
+ }
tags = local.tags
}
@@ -362,10 +362,10 @@ module "vpc" {
module "eks" {
source = "terraform-aws-modules/eks/aws"
- version = "~> 18.6"
+ version = "~> 18.21"
cluster_name = local.name
- cluster_version = local.cluster_version
+ cluster_version = "1.22"
vpc_id = module.vpc.vpc_id
subnet_ids = module.vpc.private_subnets
@@ -376,3 +376,23 @@ module "eks" {
tags = local.tags
}
+
+resource "aws_iam_policy" "additional" {
+ name = "${local.name}-additional"
+ description = "Additional test policy"
+
+ policy = jsonencode({
+ Version = "2012-10-17"
+ Statement = [
+ {
+ Action = [
+ "ec2:Describe*",
+ ]
+ Effect = "Allow"
+ Resource = "*"
+ },
+ ]
+ })
+
+ tags = local.tags
+}
diff --git a/examples/iam-role-for-service-accounts-eks/versions.tf b/examples/iam-role-for-service-accounts-eks/versions.tf
index fe1f6e88..d8dd1a44 100644
--- a/examples/iam-role-for-service-accounts-eks/versions.tf
+++ b/examples/iam-role-for-service-accounts-eks/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.13.1"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 3.0"
+ version = ">= 4.0"
}
}
}
diff --git a/examples/iam-user/README.md b/examples/iam-user/README.md
index a218e3f0..4a64257b 100644
--- a/examples/iam-user/README.md
+++ b/examples/iam-user/README.md
@@ -20,8 +20,8 @@ Run `terraform destroy` when you don't need these resources.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.50 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
diff --git a/examples/iam-user/versions.tf b/examples/iam-user/versions.tf
index 6c8fa913..d8dd1a44 100644
--- a/examples/iam-user/versions.tf
+++ b/examples/iam-user/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.50"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-account/README.md b/modules/iam-account/README.md
index d46c4409..4dc51a5c 100644
--- a/modules/iam-account/README.md
+++ b/modules/iam-account/README.md
@@ -26,14 +26,14 @@ Import successful!
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/modules/iam-account/versions.tf b/modules/iam-account/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/modules/iam-account/versions.tf
+++ b/modules/iam-account/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-assumable-role-with-oidc/README.md b/modules/iam-assumable-role-with-oidc/README.md
index ac39c9aa..2d53a1a3 100644
--- a/modules/iam-assumable-role-with-oidc/README.md
+++ b/modules/iam-assumable-role-with-oidc/README.md
@@ -11,14 +11,14 @@ This module supports IAM Roles for kubernetes service accounts as described in t
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/modules/iam-assumable-role-with-oidc/versions.tf b/modules/iam-assumable-role-with-oidc/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/modules/iam-assumable-role-with-oidc/versions.tf
+++ b/modules/iam-assumable-role-with-oidc/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-assumable-role-with-saml/README.md b/modules/iam-assumable-role-with-saml/README.md
index 1d97905e..15f3c8f8 100644
--- a/modules/iam-assumable-role-with-saml/README.md
+++ b/modules/iam-assumable-role-with-saml/README.md
@@ -10,14 +10,14 @@ Creates single IAM role which can be assumed by trusted resources using SAML Fed
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/modules/iam-assumable-role-with-saml/versions.tf b/modules/iam-assumable-role-with-saml/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/modules/iam-assumable-role-with-saml/versions.tf
+++ b/modules/iam-assumable-role-with-saml/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-assumable-role/README.md b/modules/iam-assumable-role/README.md
index 6abefffa..a7ce8fac 100644
--- a/modules/iam-assumable-role/README.md
+++ b/modules/iam-assumable-role/README.md
@@ -9,14 +9,14 @@ Trusted resources can be any [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/U
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 3.34 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 3.34 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/modules/iam-assumable-role/versions.tf b/modules/iam-assumable-role/versions.tf
index 1fe6583f..d8dd1a44 100644
--- a/modules/iam-assumable-role/versions.tf
+++ b/modules/iam-assumable-role/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 3.34"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-assumable-roles-with-saml/README.md b/modules/iam-assumable-roles-with-saml/README.md
index df772d9f..8e81a897 100644
--- a/modules/iam-assumable-roles-with-saml/README.md
+++ b/modules/iam-assumable-roles-with-saml/README.md
@@ -11,14 +11,14 @@ Creates predefined IAM roles (admin, poweruser and readonly) which can be assume
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/modules/iam-assumable-roles-with-saml/versions.tf b/modules/iam-assumable-roles-with-saml/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/modules/iam-assumable-roles-with-saml/versions.tf
+++ b/modules/iam-assumable-roles-with-saml/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-assumable-roles/README.md b/modules/iam-assumable-roles/README.md
index 9adf8a67..3779d71b 100644
--- a/modules/iam-assumable-roles/README.md
+++ b/modules/iam-assumable-roles/README.md
@@ -9,14 +9,14 @@ Trusted resources can be any [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/U
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/modules/iam-assumable-roles/versions.tf b/modules/iam-assumable-roles/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/modules/iam-assumable-roles/versions.tf
+++ b/modules/iam-assumable-roles/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-eks-role/README.md b/modules/iam-eks-role/README.md
index 68209948..2b9fdf73 100644
--- a/modules/iam-eks-role/README.md
+++ b/modules/iam-eks-role/README.md
@@ -78,14 +78,14 @@ module "iam_eks_role" {
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
@@ -96,7 +96,7 @@ No modules.
| Name | Type |
|------|------|
| [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
-| [aws_iam_role_policy_attachment.custom](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_eks_cluster.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source |
| [aws_iam_policy_document.assume_role_with_oidc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
@@ -115,7 +115,7 @@ No modules.
| [role\_name\_prefix](#input\_role\_name\_prefix) | IAM role name prefix | `string` | `null` | no |
| [role\_path](#input\_role\_path) | Path of IAM role | `string` | `"/"` | no |
| [role\_permissions\_boundary\_arn](#input\_role\_permissions\_boundary\_arn) | Permissions boundary ARN to use for IAM role | `string` | `""` | no |
-| [role\_policy\_arns](#input\_role\_policy\_arns) | ARNs of any policies to attach to the IAM role | `list(string)` | `[]` | no |
+| [role\_policy\_arns](#input\_role\_policy\_arns) | ARNs of any policies to attach to the IAM role | `map(string)` | `{}` | no |
| [tags](#input\_tags) | A map of tags to add the the IAM role | `map(any)` | `{}` | no |
## Outputs
diff --git a/modules/iam-eks-role/main.tf b/modules/iam-eks-role/main.tf
index 2f23873f..31dac45e 100644
--- a/modules/iam-eks-role/main.tf
+++ b/modules/iam-eks-role/main.tf
@@ -48,9 +48,9 @@ resource "aws_iam_role" "this" {
tags = var.tags
}
-resource "aws_iam_role_policy_attachment" "custom" {
- for_each = toset([for arn in var.role_policy_arns : arn if var.create_role])
+resource "aws_iam_role_policy_attachment" "this" {
+ for_each = { for k, v in var.role_policy_arns : k => v if var.create_role }
role = aws_iam_role.this[0].name
- policy_arn = each.key
+ policy_arn = each.value
}
diff --git a/modules/iam-eks-role/variables.tf b/modules/iam-eks-role/variables.tf
index aada84ee..5f69d755 100644
--- a/modules/iam-eks-role/variables.tf
+++ b/modules/iam-eks-role/variables.tf
@@ -36,8 +36,8 @@ variable "role_name_prefix" {
variable "role_policy_arns" {
description = "ARNs of any policies to attach to the IAM role"
- type = list(string)
- default = []
+ type = map(string)
+ default = {}
}
variable "cluster_service_accounts" {
diff --git a/modules/iam-eks-role/versions.tf b/modules/iam-eks-role/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/modules/iam-eks-role/versions.tf
+++ b/modules/iam-eks-role/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-group-with-assumable-roles-policy/README.md b/modules/iam-group-with-assumable-roles-policy/README.md
index 625a04fc..c1e1bd7a 100644
--- a/modules/iam-group-with-assumable-roles-policy/README.md
+++ b/modules/iam-group-with-assumable-roles-policy/README.md
@@ -7,14 +7,14 @@ Creates IAM group with users who are allowed to assume IAM roles. This is typica
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/modules/iam-group-with-assumable-roles-policy/versions.tf b/modules/iam-group-with-assumable-roles-policy/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/modules/iam-group-with-assumable-roles-policy/versions.tf
+++ b/modules/iam-group-with-assumable-roles-policy/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-group-with-policies/README.md b/modules/iam-group-with-policies/README.md
index 0d276937..bbd813fc 100644
--- a/modules/iam-group-with-policies/README.md
+++ b/modules/iam-group-with-policies/README.md
@@ -7,14 +7,14 @@ Creates IAM group with specified IAM policies, and add users into a group.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/modules/iam-group-with-policies/versions.tf b/modules/iam-group-with-policies/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/modules/iam-group-with-policies/versions.tf
+++ b/modules/iam-group-with-policies/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-policy/README.md b/modules/iam-policy/README.md
index 216e1a77..21c54dec 100644
--- a/modules/iam-policy/README.md
+++ b/modules/iam-policy/README.md
@@ -7,14 +7,14 @@ Creates IAM policy.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 3.35 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 3.35 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/modules/iam-policy/versions.tf b/modules/iam-policy/versions.tf
index 38ab12c5..d8dd1a44 100644
--- a/modules/iam-policy/versions.tf
+++ b/modules/iam-policy/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 3.35"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-read-only-policy/README.md b/modules/iam-read-only-policy/README.md
index 21e7f267..963f28cc 100644
--- a/modules/iam-read-only-policy/README.md
+++ b/modules/iam-read-only-policy/README.md
@@ -8,14 +8,14 @@ Thus this module is an attempt to build a better base for a customizable usable
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.23 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.23 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/modules/iam-read-only-policy/versions.tf b/modules/iam-read-only-policy/versions.tf
index 4e3fe457..d8dd1a44 100644
--- a/modules/iam-read-only-policy/versions.tf
+++ b/modules/iam-read-only-policy/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.23"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-role-for-service-accounts-eks/README.md b/modules/iam-role-for-service-accounts-eks/README.md
index 392de6c4..5c85d97e 100644
--- a/modules/iam-role-for-service-accounts-eks/README.md
+++ b/modules/iam-role-for-service-accounts-eks/README.md
@@ -100,14 +100,14 @@ module "eks" {
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.13.1 |
-| [aws](#requirement\_aws) | >= 3.0 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 3.0 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
@@ -216,7 +216,7 @@ No modules.
| [role\_name\_prefix](#input\_role\_name\_prefix) | IAM role name prefix | `string` | `null` | no |
| [role\_path](#input\_role\_path) | Path of IAM role | `string` | `null` | no |
| [role\_permissions\_boundary\_arn](#input\_role\_permissions\_boundary\_arn) | Permissions boundary ARN to use for IAM role | `string` | `null` | no |
-| [role\_policy\_arns](#input\_role\_policy\_arns) | ARNs of any policies to attach to the IAM role | `list(string)` | `[]` | no |
+| [role\_policy\_arns](#input\_role\_policy\_arns) | ARNs of any policies to attach to the IAM role | `map(string)` | `{}` | no |
| [tags](#input\_tags) | A map of tags to add the the IAM role | `map(any)` | `{}` | no |
| [velero\_s3\_bucket\_arns](#input\_velero\_s3\_bucket\_arns) | List of S3 Bucket ARNs that Velero needs access to in order to backup and restore cluster resources | `list(string)` | [
"*"
]
| no |
| [vpc\_cni\_enable\_ipv4](#input\_vpc\_cni\_enable\_ipv4) | Determines whether to enable IPv4 permissions for VPC CNI policy | `bool` | `false` | no |
diff --git a/modules/iam-role-for-service-accounts-eks/main.tf b/modules/iam-role-for-service-accounts-eks/main.tf
index 5ce87eb7..075ebec6 100644
--- a/modules/iam-role-for-service-accounts-eks/main.tf
+++ b/modules/iam-role-for-service-accounts-eks/main.tf
@@ -47,8 +47,8 @@ resource "aws_iam_role" "this" {
}
resource "aws_iam_role_policy_attachment" "this" {
- for_each = toset([for arn in var.role_policy_arns : arn if var.create_role])
+ for_each = { for k, v in var.role_policy_arns : k => v if var.create_role }
role = aws_iam_role.this[0].name
- policy_arn = each.key
+ policy_arn = each.value
}
diff --git a/modules/iam-role-for-service-accounts-eks/variables.tf b/modules/iam-role-for-service-accounts-eks/variables.tf
index 6bd9b4e1..3d9504fc 100644
--- a/modules/iam-role-for-service-accounts-eks/variables.tf
+++ b/modules/iam-role-for-service-accounts-eks/variables.tf
@@ -42,8 +42,8 @@ variable "policy_name_prefix" {
variable "role_policy_arns" {
description = "ARNs of any policies to attach to the IAM role"
- type = list(string)
- default = []
+ type = map(string)
+ default = {}
}
variable "oidc_providers" {
diff --git a/modules/iam-role-for-service-accounts-eks/versions.tf b/modules/iam-role-for-service-accounts-eks/versions.tf
index fe1f6e88..d8dd1a44 100644
--- a/modules/iam-role-for-service-accounts-eks/versions.tf
+++ b/modules/iam-role-for-service-accounts-eks/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.13.1"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 3.0"
+ version = ">= 4.0"
}
}
}
diff --git a/modules/iam-user/README.md b/modules/iam-user/README.md
index cf93a623..1d6a2fc4 100644
--- a/modules/iam-user/README.md
+++ b/modules/iam-user/README.md
@@ -23,14 +23,14 @@ This module outputs commands and PGP messages which can be decrypted either usin
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.12.6 |
-| [aws](#requirement\_aws) | >= 2.50 |
+| [terraform](#requirement\_terraform) | >= 1.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 2.50 |
+| [aws](#provider\_aws) | >= 4.0 |
## Modules
diff --git a/modules/iam-user/versions.tf b/modules/iam-user/versions.tf
index 6c8fa913..d8dd1a44 100644
--- a/modules/iam-user/versions.tf
+++ b/modules/iam-user/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.12.6"
+ required_version = ">= 1.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 2.50"
+ version = ">= 4.0"
}
}
}