add role_description

CHANGELOG.md

@@ -7,3 +7,6 @@
   - add docs
   - comment out ec2* role stuff
   - add check for ldap provider
+
+* v1.0.2 -- 20210402
+  - add `role_description` variable

README.md

@@ -28,6 +28,7 @@ module "myrole1" {
   source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git"
 
   role_name                  = "my-role1"
+  role_description           = "Role to do some super cool stuff"
   saml_provider_arn          = "arn:aws:iam::079788916859:saml-provider/Census_TCO_IDMS"
   enable_ldap_creation       = true
   assume_policy_document     = data.terraform_remote_state.common.outputs.saml_assume_json
@@ -99,6 +100,7 @@ No modules.
 | <a name="input_ldap_port"></a> [ldap\_port](#input\_ldap\_port) | LDAP port (default is 389 but also using STARTTLS) | `number` | `389` | no |
 | <a name="input_ldap_user"></a> [ldap\_user](#input\_ldap\_user) | LDAP user for writing data into eDirectory or Active Directory | `string` | `""` | no |
 | <a name="input_override_prefixes"></a> [override\_prefixes](#input\_override\_prefixes) | Override built-in prefixes by component (role, policy). This should be used primarily for common infrastructure things | `map(string)` | `{}` | no |
+| <a name="input_role_description"></a> [role\_description](#input\_role\_description) | Role/application description | `string` | `""` | no |
 | <a name="input_role_name"></a> [role\_name](#input\_role\_name) | Role/application name without prefix | `string` | n/a | yes |
 | <a name="input_saml_provider_arn"></a> [saml\_provider\_arn](#input\_saml\_provider\_arn) | ARN of SAML Provider | `string` | `""` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags to apply to appropriate resources (S3, KMS).  Do not include safeguard tags here, use the data\_safeguard field for such things. | `map(string)` | `{}` | no |

main.tf

@@ -29,6 +29,7 @@
 *   source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git"
 * 
 *   role_name                  = "my-role1"
+*   role_description           = "Role to do some super cool stuff"
 *   saml_provider_arn          = "arn:aws:iam::079788916859:saml-provider/Census_TCO_IDMS"
 *   enable_ldap_creation       = true
 *   assume_policy_document     = data.terraform_remote_state.common.outputs.saml_assume_json
@@ -66,7 +67,7 @@ locals {
   #  _ec2_role_name   = var.ec2_role_name != "" ? var.ec2_role_name : var.role_name
   role_name        = format("%v%v", lookup(local._prefixes, "role", ""), var.role_name)
   saml_string      = var.saml_provider_arn != "" ? "SAML " : ""
-  role_description = format("%vRole for %v", local.saml_string, var.role_name)
+  role_description = var.role_description == "" ? format("%vRole for %v", local.saml_string, var.role_name) : var.role_description
   policy_name      = format("%v%v", lookup(local._prefixes, "policy", ""), var.role_name)
   #  ec2_role_name    = format("%v-ec2-%v", lookup(local._prefixes, "role", ""), local._ec2_role_name)
   #  ec2_policy_name  = format("%v-ec2-%v", lookup(local._prefixes, "policy", ""), local._ec2_role_name)

variables.tf

@@ -3,6 +3,12 @@ variable "role_name" {
   type        = string
 }
 
+variable "role_description" {
+  description = "Role/application description"
+  type        = string
+  default     = ""
+}
+
 variable "saml_provider_arn" {
   description = "ARN of SAML Provider"
   type        = string

version.tf

@@ -1,3 +1,3 @@
 locals {
-  _module_version = "1.0.1"
+  _module_version = "1.0.2"
 }