update, add example

CHANGELOG.md

@@ -166,3 +166,6 @@
   - ldap-ou-create
     - change to use trevx/ldap provider
 
+* 2.0.1 -- 2022-05-24
+  - billing-policies
+    - add submodule for policies

billing-policies/outputs.tf

@@ -2,7 +2,7 @@ output "policies" {
   description = "Map of label and policy JSON for billing accesses"
   value = {
     "full-billing"    = data.aws_iam_policy_document.full_billing.json
-    "limited-billing" = data.aws_iam_policy_document.limitd_billing.json
+    "limited-billing" = data.aws_iam_policy_document.limited_billing.json
   }
 }
 

common/version.tf

@@ -1,3 +1,3 @@
 locals {
-  _module_version = "2.0.0"
+  _module_version = "2.0.1"
 }

examples/billing-policy/roles.tf

@@ -0,0 +1,29 @@
+module "billing" {
+  source = "git@github.e.it.census.gov:terraform-modules/aws-inf-setup.git//billing-policies?ref=tf-upgrade"
+}
+
+module "role_full_billing" {
+  source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git?ref=tf-upgrade"
+
+  role_name              = "inf-billing"
+  saml_provider_arn      = module.saml.saml_provider
+  enable_ldap_creation   = true
+  assume_policy_document = module.saml.saml_assume_policy
+  max_session_duration   = 3600
+  ldap_user              = var.ldap_user
+  ldap_password          = var.ldap_password
+  inline_policies        = [module.billing.policies["full-billing"]]
+}
+
+module "role_limited_billing" {
+  source = "git@github.e.it.census.gov:terraform-modules/aws-iam-role.git?ref=tf-upgrade"
+
+  role_name              = "limited-billing"
+  saml_provider_arn      = module.saml.saml_provider
+  enable_ldap_creation   = true
+  assume_policy_document = module.saml.saml_assume_policy
+  max_session_duration   = 3600
+  ldap_user              = var.ldap_user
+  ldap_password          = var.ldap_password
+  inline_policies        = [module.billing.policies["limited-billing"]]
+}