terraform-aws-devops-agent/examples/spoke/spoke-workload-eks at main · appvia/terraform-aws-devops-agent · GitHub

Name		Name	Last commit message	Last commit date
parent directory ..
README.md		README.md
boundary.tf		boundary.tf
main.tf		main.tf
outputs.tf		outputs.tf
terraform.tf		terraform.tf
terraform.tfvars.example		terraform.tfvars.example
variables.tf		variables.tf

README.md

Providers

Name	Version
aws	>= 6.0.0

Inputs

Name	Description	Type	Default	Required
agent_space_arn	ARN of the AgentSpace from the hosting-account deployment. Captured from the agent_space_arn output after Phase 1.	`string`	n/a	yes
aws_region	AWS region for workload account resources. Scopes the permissions boundary to this region — the agent will only read EKS, CloudWatch, ECR, and networking resources here.	`string`	`"eu-west-2"`	no
role_name	Name for the cross-account IAM role in this workload account.	`string`	`"DevOpsAgentCrossAccountRole"`	no
tags	Tags to apply to all resources.	`map(string)`	`{}`	no

Outputs

Name	Description
cross_account_role_arn	ARN of the cross-account IAM role. Pass this to the hosting-account secondary_accounts map.
cross_account_role_name	Name of the cross-account IAM role.
permissions_boundary_arn	ARN of the EKS permissions boundary policy attached to the cross-account role.