diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1dbc789..17a8dfa 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,3 +7,6 @@
- add docs
- comment out ec2* role stuff
- add check for ldap provider
+
+* v1.0.2 -- 20210402
+ - add `role_description` variable
diff --git a/README.md b/README.md
index 2df36f7..6e540ca 100644
--- a/README.md
+++ b/README.md
@@ -28,6 +28,7 @@ module "myrole1" {
source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git"
role_name = "my-role1"
+ role_description = "Role to do some super cool stuff"
saml_provider_arn = "arn:aws:iam::079788916859:saml-provider/Census_TCO_IDMS"
enable_ldap_creation = true
assume_policy_document = data.terraform_remote_state.common.outputs.saml_assume_json
@@ -99,6 +100,7 @@ No modules.
| [ldap\_port](#input\_ldap\_port) | LDAP port (default is 389 but also using STARTTLS) | `number` | `389` | no |
| [ldap\_user](#input\_ldap\_user) | LDAP user for writing data into eDirectory or Active Directory | `string` | `""` | no |
| [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component (role, policy). This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
+| [role\_description](#input\_role\_description) | Role/application description | `string` | `""` | no |
| [role\_name](#input\_role\_name) | Role/application name without prefix | `string` | n/a | yes |
| [saml\_provider\_arn](#input\_saml\_provider\_arn) | ARN of SAML Provider | `string` | `""` | no |
| [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS). Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |
diff --git a/main.tf b/main.tf
index 2249513..84b0001 100644
--- a/main.tf
+++ b/main.tf
@@ -29,6 +29,7 @@
* source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git"
*
* role_name = "my-role1"
+* role_description = "Role to do some super cool stuff"
* saml_provider_arn = "arn:aws:iam::079788916859:saml-provider/Census_TCO_IDMS"
* enable_ldap_creation = true
* assume_policy_document = data.terraform_remote_state.common.outputs.saml_assume_json
@@ -66,7 +67,7 @@ locals {
# _ec2_role_name = var.ec2_role_name != "" ? var.ec2_role_name : var.role_name
role_name = format("%v%v", lookup(local._prefixes, "role", ""), var.role_name)
saml_string = var.saml_provider_arn != "" ? "SAML " : ""
- role_description = format("%vRole for %v", local.saml_string, var.role_name)
+ role_description = var.role_description == "" ? format("%vRole for %v", local.saml_string, var.role_name) : var.role_description
policy_name = format("%v%v", lookup(local._prefixes, "policy", ""), var.role_name)
# ec2_role_name = format("%v-ec2-%v", lookup(local._prefixes, "role", ""), local._ec2_role_name)
# ec2_policy_name = format("%v-ec2-%v", lookup(local._prefixes, "policy", ""), local._ec2_role_name)
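Review bot: The new `role_description` local tests only for `""`, so a caller that passes `role_description = null` would presumably skip the fallback and yield a null description instead of the generated "SAML Role for ..." text (unless the variable is declared non-nullable). `coalesce` skips both null and the empty string, so the line could read `role_description = coalesce(var.role_description, format("%vRole for %v", local.saml_string, var.role_name))`. An override also drops the `SAML ` prefix, which anyone auditing roles by description may rely on to spot federated roles; a one-line comment above the local, such as `# an explicit role_description replaces the generated text, including the "SAML " prefix`, would make that visible. The `locals` block begins and ends outside this hunk.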
diff --git a/variables.tf b/variables.tf
index 144aab7..cf8c8bd 100644
--- a/variables.tf
+++ b/variables.tf
@@ -3,6 +3,12 @@ variable "role_name" {
type = string
}
+variable "role_description" {
+ description = "Role/application description"
+ type = string
+ default = ""
+}
+
variable "saml_provider_arn" {
description = "ARN of SAML Provider"
type = string
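Review bot: The new `role_description` variable is accepted without validation, and its value presumably ends up as the IAM role's description, which IAM limits to 1000 characters, so an over-long value would fail only at apply time. If the module's minimum Terraform version supports variable validation, a `validation` block with `condition = length(var.role_description) <= 1000` would reject it at plan time. The `description` string could also document the fallback, for example `description = "Role description; when empty, one is generated from role_name"`.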
diff --git a/version.tf b/version.tf
index 374ba43..02c6357 100644
--- a/version.tf
+++ b/version.tf
@@ -1,3 +1,3 @@
locals {
- _module_version = "1.0.1"
+ _module_version = "1.0.2"
}