From 10b22775631782440355ed06972a730dc998329b Mon Sep 17 00:00:00 2001 From: Chip Bell Date: Thu, 14 Nov 2024 10:22:00 -0500 Subject: [PATCH 1/2] Allowing module consumers to provide an optional policy_json to override the default --- optional.tf | 6 ++++++ security.tf | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/optional.tf b/optional.tf index e9d852c..0d58c97 100644 --- a/optional.tf +++ b/optional.tf @@ -136,3 +136,9 @@ variable "execution_role_name" { type = string default = null } + +variable "policy_json" { + description = "Policy JSON. If null, default policy granting S3, logging, and XRay will be attached" + type = string + default = null +} diff --git a/security.tf b/security.tf index 88b7251..901a4ba 100644 --- a/security.tf +++ b/security.tf @@ -5,7 +5,7 @@ module "role" { name = local.execution_role_name - policy_json = jsonencode({ + policy_json = var.policy_json != null ? var.policy_json : jsonencode({ "Version" : "2012-10-17", "Statement" : [ { From f77168a4d26387c8d0d4b1d616f8059653097a30 Mon Sep 17 00:00:00 2001 From: chipbell4 Date: Thu, 14 Nov 2024 15:23:14 +0000 Subject: [PATCH 2/2] Running document script --- README.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 2fa72c7..dffe58d 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ Use this URL for the source of the module. See the usage examples below for more details. ```hcl -github.com/pbs/terraform-aws-synthetics-module?ref=2.0.22 +github.com/pbs/terraform-aws-synthetics-module?ref=x.y.z ``` ### Alternative Installation Methods @@ -22,7 +22,7 @@ Integrate this module like so: ```hcl module "synthetics" { - source = "github.com/pbs/terraform-aws-synthetics-module?ref=2.0.22" + source = "github.com/pbs/terraform-aws-synthetics-module?ref=x.y.z" zip_file = "path/to/file.zip" @@ -48,7 +48,7 @@ The recommended workaround for this is to use something external to Terraform (l If this repo is added as a subtree, then the version of the module should be close to the version shown here: -`2.0.22` +`x.y.z` Note, however that subtrees can be altered as desired within repositories. @@ -108,6 +108,7 @@ Below is automatically generated documentation on this Terraform module using [t | [force\_destroy](#input\_force\_destroy) | Specifies whether to force destroy the bucket containing the canary artifacts. This is required when the bucket contains objects. The default value is `false`. | `bool` | `false` | no | | [handler](#input\_handler) | Entry point to use for the source code when running the canary. This value must end with the string `.handler`. | `string` | `"canary.handler"` | no | | [name](#input\_name) | Name of the synthetics module. If null, will default to product. | `string` | `null` | no | +| [policy\_json](#input\_policy\_json) | Policy JSON. If null, default policy granting S3, logging, and XRay will be attached | `string` | `null` | no | | [run\_config](#input\_run\_config) | Configuration block for individual canary runs. |
object({
timeout_in_seconds = optional(number)
memory_in_mb = optional(number)
active_tracing = optional(bool)
environment_variables = optional(map(string))
})
| `null` | no | | [runtime\_version](#input\_runtime\_version) | Specifies the runtime version to use for the canary. For a list of valid runtime versions, see Canary Runtime Versions. | `string` | `"syn-nodejs-puppeteer-7.0"` | no | | [schedule](#input\_schedule) | Schedule for how often the canary is to run and when these test runs are to stop. |
object({
expression = string
duration_in_seconds = optional(number)
})
|
{
"expression": "rate(5 minutes)"
}
| no |