Merge pull request #2 from terraform-modules/feature-output-ldap-dn

v1.0.3: add output of ldap_dn
terraform-modules · Apr 2, 2021 · 578cc2d · 578cc2d
2 parents 639a5cd + c074441
commit 578cc2d
Show file tree

Hide file tree

Showing 5 changed files with 12 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -10,3 +10,6 @@
 
 * v1.0.2 -- 20210402
   - add `role_description` variable
+
+* v1.0.3 -- 20210402
+  - add export of ldap_dn
diff --git a/README.md b/README.md
@@ -109,5 +109,6 @@ No modules.
 
 | Name | Description |
 |------|-------------|
+| <a name="output_ldap_dn"></a> [ldap\_dn](#output\_ldap\_dn) | Created LDAP DN for role (empty if ldap is not enabled) |
 | <a name="output_role_arn"></a> [role\_arn](#output\_role\_arn) | Created role ARN |
 | <a name="output_role_name"></a> [role\_name](#output\_role\_name) | Created role name |
diff --git a/main.tf b/main.tf
@@ -78,6 +78,7 @@ locals {
 
   ldap_provider_exists = data.external.ldap_provider_bin.result.status == "0" ? true : false
   enable_ldap          = var.enable_ldap_creation && var.ldap_user != "" && var.ldap_password != "" && var.saml_provider_arn != "" && local.ldap_provider_exists
+  ldap_dn              = format("cn=%s,ou=%s,ou=AWS,ou=Cloud,ou=Application,o=U.S. Census Bureau,c=US", aws_iam_role.role.name, local.account_id)
 
   base_tags = {
     "boc:tf_module_version" = local._module_version
@@ -135,7 +136,7 @@ resource "null_resource" "role_ldif" {
 resource "ldap_object" "role" {
   count    = local.ldap_exists && local.enable_ldap ? 1 : 0
   provider = ldap
-  dn       = format("cn=%s,ou=%s,ou=AWS,ou=Cloud,ou=Application,o=U.S. Census Bureau,c=US", aws_iam_role.role.name, local.account_id)
+  dn       = local.ldap_dn
   object_classes = [
     "top",
     "bocGroup",

diff --git a/outputs.tf b/outputs.tf
@@ -8,3 +8,8 @@ output "role_name" {
   description = "Created role name"
   value       = aws_iam_role.role.name
 }
+
+output "ldap_dn" {
+  description = "Created LDAP DN for role (empty if ldap is not enabled)"
+  value       = local.enable_ldap ? local.ldap_dn : ""
+}
diff --git a/version.tf b/version.tf
@@ -1,3 +1,3 @@
 locals {
-  _module_version = "1.0.2"
+  _module_version = "1.0.3"
 }