This module creates following resources.
aws_ssoadmin_permission_setaws_ssoadmin_customer_managed_policy_attachment(optional)aws_ssoadmin_managed_policy_attachment(optional)aws_ssoadmin_permissions_boundary_attachment(optional)aws_ssoadmin_permission_set_inline_policy(optional)
| Name | Version |
|---|---|
| terraform | >= 1.6 |
| aws | >= 4.64 |
| Name | Version |
|---|---|
| aws | 5.45.0 |
| Name | Source | Version |
|---|---|---|
| resource_group | tedilabs/misc/aws//modules/resource-group | ~> 0.10.0 |
| Name | Type |
|---|---|
| aws_ssoadmin_customer_managed_policy_attachment.this | resource |
| aws_ssoadmin_managed_policy_attachment.this | resource |
| aws_ssoadmin_permission_set.this | resource |
| aws_ssoadmin_permission_set_inline_policy.this | resource |
| aws_ssoadmin_permissions_boundary_attachment.this | resource |
| aws_ssoadmin_instances.this | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| name | (Required) The name of the Permission Set. | string |
n/a | yes |
| description | (Optional) The description of the Permission Set. | string |
"Managed by Terraform." |
no |
| inline_policy | (Optional) The IAM inline policy to attach to a Permission Set. Only supports one IAM inline policy per Permission Set. Creating or updating this resource will automatically Provision the Permission Set to apply the corresponding updates to all assigned accounts. | string |
null |
no |
| managed_policies | (Optional) The configuration for managed policies to be attached to the Permission Set. You can assign AWS managed policies, customer managed policies. Each value of managed_policies block as defined below.(Required) type - The type of the managed policy. Valid values are AWS_MANAGED or CUSTOMER_MANAGED.(Optional) name - The name of the customer managed policy. Required if type is CUSTOMER_MANAGED.(Optional) path - The path of the customer managed policy. Default to /.(Optional) arn - The ARN of the AWS-managed policy. Required if type is AWS_MANAGED. |
list(object({ |
[] |
no |
| module_tags_enabled | (Optional) Whether to create AWS Resource Tags for the module informations. | bool |
true |
no |
| permissions_boundary | (Optional) The configuration for the permissions boundary policy to be attached to the Permission Set. permissions_boundary block as defined below.(Required) type - The type of the permissions boundary policy. Valid values are AWS_MANAGED or CUSTOMER_MANAGED.(Optional) name - The name of the customer managed permissions boundary policy. Required if type is CUSTOMER_MANAGED.(Optional) path - The path of the customer managed permissions boundary policy. Default to /.(Optional) arn - The ARN of the AWS-managed permissions boundary policy. Required if type is AWS_MANAGED. |
object({ |
null |
no |
| relay_state | (Optional) The relay state URL used to redirect users within the application during the federation authentication process. | string |
null |
no |
| resource_group_description | (Optional) The description of Resource Group. | string |
"Managed by Terraform." |
no |
| resource_group_enabled | (Optional) Whether to create Resource Group to find and group AWS resources which are created by this module. | bool |
true |
no |
| resource_group_name | (Optional) The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with AWS or aws. |
string |
"" |
no |
| session_duration | (Optional) The length of time that the application user sessions are valid in seconds. Duration should be a number between 3600 (1 hour) and 43200 (12 hours). |
number |
3600 |
no |
| tags | (Optional) A map of tags to add to all resources. | map(string) |
{} |
no |
| Name | Description |
|---|---|
| arn | The Amazon Resource Name (ARN) of the Permission Set. |
| created_at | The date the Permission Set was created in RFC3339 format. |
| inline_policy | The IAM inline policy which are attached to the Permission Set. |
| instance_arn | The Amazon Resource Name (ARN) of the SSO Instance. |
| managed_policies | A list of managed policies which are attached to the Permission Set. |
| name | The name of the Permission Set. |
| permissions_boundary | The configuration for the permissions boundary policy of the Permission Set. |
| relay_state | The relay state URL used to redirect users within the application during the federation authentication process. |
| session_duration | The length of time that the application user sessions are valid in seconds. |