From 57e02bfad9a8d22743cd473dfa3dd32ec2a8f7f8 Mon Sep 17 00:00:00 2001 From: Richard Genthner Date: Sat, 22 Jul 2017 08:51:25 -0500 Subject: [PATCH] Added custom name support to KMS This allows you to use the custom naming for the IAM Role in the KMS module. --- main.tf | 1 + modules/s3/01-arngen.tf | 4 ++-- modules/s3/variables.tf | 2 ++ 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index bbf5651..978a2b1 100644 --- a/main.tf +++ b/main.tf @@ -88,6 +88,7 @@ module "s3" { name = "${var.cluster-name}" bucketname = "${var.bucketname}" worker-role = "${var.worker_role_name}" + master-role = "${var.master_role_name}" capem = "${var.capem}" cakey = "${var.cakey}" etcdpem = "${var.etcdpem}" diff --git a/modules/s3/01-arngen.tf b/modules/s3/01-arngen.tf index bed11bf..d4c5400 100644 --- a/modules/s3/01-arngen.tf +++ b/modules/s3/01-arngen.tf @@ -5,8 +5,8 @@ data "template_file" "kmspolicy" { template = "${file("${path.module}/Files/kmspolicy.json.tpl")}" vars { - arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/worker_role" - masterarn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/master_role" + arn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/${var.worker-role}" + masterarn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/${var.master-role}" rootarn = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:root" } } diff --git a/modules/s3/variables.tf b/modules/s3/variables.tf index 1e629a4..b4625b1 100644 --- a/modules/s3/variables.tf +++ b/modules/s3/variables.tf @@ -6,6 +6,8 @@ variable "bucketname" {} variable "worker-role" {} +variable "master-role" {} + ### Bucket objects variable "capem" {}