terraform.aws-baseline-infra/modules/util/assume_role
2023-07-03 20:02:11 +08:00
..
assumeRole.sh UPD: changed to bash, added pipeline option, and switched to jq @base64 2023-07-03 19:57:25 +08:00
main.tf UPD: changed to bash, added pipeline option, and switched to jq @base64 2023-07-03 19:57:25 +08:00
README.md UPD: added reference to upstream module 2023-07-03 20:02:11 +08:00
variables.tf NEW: modules for assume role in shell and awscli 2023-07-01 16:52:19 +08:00

assume_role module

This module uses awscli, calls sts and obtain temp credentials for role switching. Returns the temp credential as a map.

System requirements

  • awscli
  • jq

Inputs

variable type required description
account_id string yes target aws account id
role_name string yes target role name
role_session_name string no session name, useful for tracing logs in cloudtrail. defaults to tf_awscli

Outputs

variable type sensitive description
temp_credential map of string yes json output from awscli
{
    "AccessKeyId": "111",
    "SecretAccessKey": "222",
    "SessionToken": "333",
    "Expiration": "2023-07-01T10:19:47+00:00"
}

References

This module is based on https://registry.terraform.io/modules/digitickets/cli/aws/latest