This will create a readonly role, assumeable from source_account_id.
module "role" {
source = "github.com/chanzuckerberg/cztack/aws-iam-role-readonly?ref=v0.14.0"
# defaults to 'readonly'
role_name = "..."
# The ID of the other AWS account that can assume this role.
source_account_id = "..."
}
output "role_name" {
value = "${module.role.role_name}"
}
| Name |
Description |
Type |
Default |
Required |
| iam_path |
|
string |
"/" |
no |
| role_name |
|
string |
"readonly" |
no |
| source_account_id |
The AWS account from which this role should be assumeable. |
string |
n/a |
yes |
| Name |
Description |
| arn |
|
| role_name |
|