add import_to_acm

terraform-modules · Jul 29, 2025 · 2bf2739 · 2bf2739
1 parent d6b4bfa
commit 2bf2739
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 0 deletions.
diff --git a/rolesanywhere/README.md b/rolesanywhere/README.md
@@ -107,6 +107,7 @@ module "myrole3" {
 | <a name="input_component_tags"></a> [component\_tags](#input\_component\_tags) | Additional tags for Components (role, policy) | `map(map(string))` | <pre>{<br/>  "policy": {},<br/>  "role": {}<br/>}</pre> | no |
 | <a name="input_contact_group_email"></a> [contact\_group\_email](#input\_contact\_group\_email) | Email of contact group | `string` | n/a | yes |
 | <a name="input_contact_users"></a> [contact\_users](#input\_contact\_users) | Username of contact(s) | `list(string)` | `[]` | no |
+| <a name="input_import_to_acm"></a> [import\_to\_acm](#input\_import\_to\_acm) | Flag to import certificate to ACM, used primarily for tracking expiration and establishing contact details | `bool` | `false` | no |
 | <a name="input_inline_policies"></a> [inline\_policies](#input\_inline\_policies) | List of IAM Policy Document objects to include in this role. Format is {name=name,policy=policy-json} | `list(object({ name = string, policy = string }))` | `[]` | no |
 | <a name="input_managed_policy_arns"></a> [managed\_policy\_arns](#input\_managed\_policy\_arns) | List of IAM Managed Policy ARNs to attach to this role | `list(string)` | `[]` | no |
 | <a name="input_max_session_duration"></a> [max\_session\_duration](#input\_max\_session\_duration) | Override the maximum session duration from the default (3600) | `number` | `3600` | no |

diff --git a/rolesanywhere/certificate.tf b/rolesanywhere/certificate.tf
@@ -5,6 +5,7 @@ module "certificate" {
   contact_email          = var.contact_group_email
   certificate_subject_ou = local.certificate_subject_ou["x509Subject/OU"]
   validity_days          = var.validity_days
+  import_to_acm          = var.import_to_acm
 }
 
 locals {

diff --git a/rolesanywhere/variables.tf b/rolesanywhere/variables.tf
@@ -44,3 +44,9 @@ variable "component_tags" {
   type        = map(map(string))
   default     = { "role" = {}, "policy" = {} }
 }
+
+variable "import_to_acm" {
+  description = "Flag to import certificate to ACM, used primarily for tracking expiration and establishing contact details"
+  type        = bool
+  default     = false
+}