add missing max_session_duration

terraform-modules · May 9, 2022 · 3ef4592 · 3ef4592
1 parent 3877a65
commit 3ef4592
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 1 deletion.
diff --git a/common/defaults.tf b/common/defaults.tf
@@ -47,5 +47,9 @@ locals {
       "peers"      = []
     }
     "transit-gateway-environments" = ["services", "dev", "test", "stage", "prod", "cre"]
+    "role" = {
+      "force_detach_policies" = false
+      "max_session_duration"  = 3600
+    }
   }
 }
diff --git a/flowlogs-role/README.md b/flowlogs-role/README.md
@@ -66,3 +66,4 @@ No modules.
 | Name | Description |
 |------|-------------|
 | <a name="output_role_arn"></a> [role\_arn](#output\_role\_arn) | Created flowlogs role ARN |
+| <a name="output_role_name"></a> [role\_name](#output\_role\_name) | Created flowlogs role name |
diff --git a/flowlogs-role/main.tf b/flowlogs-role/main.tf
@@ -56,7 +56,7 @@ resource "aws_iam_role" "role" {
   name                  = local.role_name
   description           = local.role_description
   force_detach_policies = local._defaults["force_detach_policies"]
-  max_session_duration  = var.max_session_duration
+  max_session_duration  = local._defaults["role"]["max_session_duration"]
   assume_role_policy    = data.aws_iam_policy_document.flowlogs_assume.json
 
   lifecycle {

diff --git a/flowlogs-role/outputs.tf b/flowlogs-role/outputs.tf
@@ -2,3 +2,8 @@ output "role_arn" {
   description = "Created flowlogs role ARN"
   value       = aws_iam_role.role.arn
 }
+
+output "role_name" {
+  description = "Created flowlogs role name"
+  value       = aws_iam_role.role.name
+}