fix

README.md

@@ -63,6 +63,7 @@ No Modules.
 | account\_id | AWS Account ID (default will pull from current user) | `string` | `""` | no |
 | assume\_policy\_document | JSON policy document for role to assume (i.e., the SAML assume document) | `string` | `""` | no |
 | attached\_policies | List of IAM Policy ARNs to attach to this role | `list(string)` | `[]` | no |
+| component\_tags | Additional tags for Components (role, policy) | `map(map(string))` | <pre>{<br>  "policy": {},<br>  "role": {}<br>}</pre> | no |
 | ec2\_assume\_policy\_document | JSON policy document for EC2 instance role (default is sts:AssumeRole for ec2 service) | `string` | `""` | no |
 | ec2\_attached\_policies | List of IAM Policy ARNs to attach to this EC2 instance role | `list(string)` | `[]` | no |
 | ec2\_role\_name | EC2 instace Role/application name without prefix | `string` | `""` | no |

main.tf

@@ -39,7 +39,7 @@ locals {
   ec2_role_name    = format("%v-ec2-%v", lookup(local._prefixes, "role", ""), local._ec2_role_name)
   ec2_policy_name  = format("%v-ec2-%v", lookup(local._prefixes, "policy", ""), local._ec2_role_name)
 
-  ldap_exists         = fileexists("${path.root}/setup/${aws_iam_role.role_app.name}.ldif")
+  ldap_exists         = fileexists("${path.root}/setup/${aws_iam_role.role.name}.ldif")
   bocappdata_auth     = local.account_environment == "gov" ? "Cloud_AWSGovCloud_Auth" : "Cloud_AWS_Auth"
   bocappdata_fullauth = format("gov.census.tco:%v=%v,%v", local.bocappdata_auth, aws_iam_role.role.arn, var.saml_provider_arn)
 

variables.tf

@@ -88,3 +88,10 @@ variable "ldap_port" {
   type        = number
   default     = 389
 }
+
+variable "component_tags" {
+  description = "Additional tags for Components (role, policy)"
+  type        = map(map(string))
+  default     = { "role" = {}, "policy" = {} }
+}
+