update statemetns to chec for create first

terraform-modules · May 25, 2022 · 75abdc3 · 75abdc3
1 parent 784a92e
commit 75abdc3
Show file tree

Hide file tree

Showing 5 changed files with 32 additions and 23 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,24 @@
+# aws-security-audit
+
+## version 1.x
+
+* 1.0.0	tag initial release
+
+## version 2.x
+
+* 2.0.0	terraform 0.12 support
+
+* 2.0.1	add contact, reference
+
+* 2.1.0 -- 20210429
+  - add additional_policies feature
+  - add pre-commit hooks
+
+* 2.1.1 -- 20210614
+  - add terraform tags
+
+* 2.1.2 -- 20210614
+  - change to attach policies ia for_each
+
+* 2.1.3 -- 2022-05-25
+  - update statements to check for create first
diff --git a/CHANGES.md b/CHANGES.md
diff --git a/main.tf b/main.tf
@@ -152,8 +152,8 @@ resource "aws_iam_access_key" "audit" {
 resource "null_resource" "audit_output" {
   count = length(var.users)
   triggers = {
-    user                  = element(aws_iam_user.audit[*].name, count.index)
-    aws_access_key_id     = element(local.aws_access_key_id, count.index)
-    aws_secret_access_key = element(local.aws_secret_access_key, count.index)
+    user                  = var.create_access_keys ? element(aws_iam_user.audit[*].name, count.index) : null
+    aws_access_key_id     = var.create_access_keys ? element(local.aws_access_key_id, count.index) : null
+    aws_secret_access_key = var.create_access_keys ? element(local.aws_secret_access_key, count.index) : null
   }
 }
diff --git a/outputs.tf b/outputs.tf
@@ -1,11 +1,11 @@
 output "user" {
   description = "Users created"
-  value       = aws_iam_user.audit[*].name
+  value       = var.create_access_keys ? aws_iam_user.audit[*].name : []
 }
 
 output "aws_access_key_id" {
   description = "Access Key IDs for Users"
-  value       = aws_iam_access_key.audit[*].id
+  value       = var.create_access_keys ? aws_iam_access_key.audit[*].id : []
 }
 
 locals {
@@ -19,10 +19,10 @@ locals {
 output "aws_secret_access_key" {
   description = "Access Secret Key IDs for Users"
   #  value       = [split(",", local.secret)]
-  value = aws_iam_access_key.audit[*].encrypted_secret
+  value = var.create_access_keys ? aws_iam_access_key.audit[*].encrypted_secret : []
 }
 
 output "aws_info" {
   description = "Access key, secret, and user map output"
-  value       = null_resource.audit_output[*].triggers
+  value       = var.create_access_keys ? null_resource.audit_output[*].triggers : {}
 }
diff --git a/version.tf b/version.tf
@@ -1,3 +1,3 @@
 locals {
-  _module_version = "2.1.2"
+  _module_version = "2.1.3"
 }