DEVOPS-1330 Added output for IAM Role name (#14)

Mohammed-afk91 · web-flow · commit f4d990ff6351 · 2022-10-14T17:20:31.000+01:00
* DEVOPS-1330 Added output for IAM Role name

* Added documentation
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -18,7 +18,7 @@ repos:
     args: ['--allow-missing-credentials']
   - id: trailing-whitespace
 - repo: https://github.com/antonbabenko/pre-commit-terraform
-  rev: v1.74.1
+  rev: v1.76.0
   hooks:
   - id: terraform_fmt
   - id: terraform_docs
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file.
 <a name="unreleased"></a>
 ## [Unreleased]
 
+- DEVOPS-1330 Added output for IAM Role name
+
+
+<a name="1.5.0"></a>
+## [1.5.0] - 2022-08-18
+
+- Added force destroy feature + new restore policy ([#13](https://github.com/umotif-public/terraform-aws-backup/issues/13))
 
 
 <a name="1.4.0"></a>
@@ -56,7 +63,8 @@ All notable changes to this project will be documented in this file.
 - Initial commit
 
 
-[Unreleased]: https://github.com/umotif-public/terraform-aws-backup/compare/1.4.0...HEAD
+[Unreleased]: https://github.com/umotif-public/terraform-aws-backup/compare/1.5.0...HEAD
+[1.5.0]: https://github.com/umotif-public/terraform-aws-backup/compare/1.4.0...1.5.0
 [1.4.0]: https://github.com/umotif-public/terraform-aws-backup/compare/1.3.1...1.4.0
 [1.3.1]: https://github.com/umotif-public/terraform-aws-backup/compare/1.3.0...1.3.1
 [1.3.0]: https://github.com/umotif-public/terraform-aws-backup/compare/1.2.0...1.3.0
diff --git a/README.md b/README.md
@@ -118,7 +118,6 @@ No modules.
 | [aws_iam_policy_document.main_custom_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_iam_policy_document.sns_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
-| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 
 ## Inputs
 
@@ -130,21 +129,9 @@ No modules.
 | <a name="input_enable_sns_notifications"></a> [enable\_sns\_notifications](#input\_enable\_sns\_notifications) | Enable Backup Vault Notifications | `bool` | `false` | no |
 | <a name="input_iam_role_name"></a> [iam\_role\_name](#input\_iam\_role\_name) | Name of IAM Role to associate to the Backup Plan | `string` | `null` | no |
 | <a name="input_plan_name"></a> [plan\_name](#input\_plan\_name) | The display name of a backup plan | `string` | n/a | yes |
-| <a name="input_rule_completion_window"></a> [rule\_completion\_window](#input\_rule\_completion\_window) | The amount of time AWS Backup attempts a backup before canceling the job and returning an error | `number` | `null` | no |
-| <a name="input_rule_copy_action_destination_vault_arn"></a> [rule\_copy\_action\_destination\_vault\_arn](#input\_rule\_copy\_action\_destination\_vault\_arn) | An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup. | `string` | `null` | no |
-| <a name="input_rule_copy_action_lifecycle"></a> [rule\_copy\_action\_lifecycle](#input\_rule\_copy\_action\_lifecycle) | The lifecycle defines when a protected resource is copied over to a backup vault and when it expires. | `map(any)` | `{}` | no |
-| <a name="input_rule_lifecycle_cold_storage_after"></a> [rule\_lifecycle\_cold\_storage\_after](#input\_rule\_lifecycle\_cold\_storage\_after) | Specifies the number of days after creation that a recovery point is moved to cold storage | `number` | `null` | no |
-| <a name="input_rule_lifecycle_delete_after"></a> [rule\_lifecycle\_delete\_after](#input\_rule\_lifecycle\_delete\_after) | Specifies the number of days after creation that a recovery point is deleted. Must be 90 days greater than `cold_storage_after` | `number` | `null` | no |
-| <a name="input_rule_name"></a> [rule\_name](#input\_rule\_name) | An display name for a backup rule | `string` | `null` | no |
-| <a name="input_rule_recovery_point_tags"></a> [rule\_recovery\_point\_tags](#input\_rule\_recovery\_point\_tags) | Metadata that you can assign to help organize the resources that you create | `map(string)` | `{}` | no |
-| <a name="input_rule_schedule"></a> [rule\_schedule](#input\_rule\_schedule) | A CRON expression specifying when AWS Backup initiates a backup job | `string` | `null` | no |
-| <a name="input_rule_start_window"></a> [rule\_start\_window](#input\_rule\_start\_window) | The amount of time in minutes before beginning a backup | `number` | `null` | no |
 | <a name="input_rules"></a> [rules](#input\_rules) | A list of rules mapping rule configurations for a backup plan | `any` | `[]` | no |
 | <a name="input_selection_name"></a> [selection\_name](#input\_selection\_name) | The display name of a resource selection document | `string` | `null` | no |
 | <a name="input_selection_resources"></a> [selection\_resources](#input\_selection\_resources) | A list of strings that either contain Amazon Resource Names (ARNs) or match patterns of resources to assign to a backup plan | `list(string)` | `[]` | no |
-| <a name="input_selection_tag_key"></a> [selection\_tag\_key](#input\_selection\_tag\_key) | The key in a key-value pair | `string` | `null` | no |
-| <a name="input_selection_tag_type"></a> [selection\_tag\_type](#input\_selection\_tag\_type) | An operation, such as StringEquals, that is applied to a key-value pair used to filter resources in a selection | `string` | `null` | no |
-| <a name="input_selection_tag_value"></a> [selection\_tag\_value](#input\_selection\_tag\_value) | The value in a key-value pair | `string` | `null` | no |
 | <a name="input_selection_tags"></a> [selection\_tags](#input\_selection\_tags) | A list of selection tags map | `list(any)` | `[]` | no |
 | <a name="input_sns_topic_arn"></a> [sns\_topic\_arn](#input\_sns\_topic\_arn) | The Amazon Resource Name (ARN) that specifies the topic for a backup vault’s events | `string` | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | A mapping of tags to assign to the resource | `map(string)` | `{}` | no |
@@ -164,6 +151,7 @@ No modules.
 | <a name="output_backup_sns_topic_arn"></a> [backup\_sns\_topic\_arn](#output\_backup\_sns\_topic\_arn) | The Amazon Resource Name (ARN) that specifies the topic for a backup vault’s events |
 | <a name="output_backup_vault_arn"></a> [backup\_vault\_arn](#output\_backup\_vault\_arn) | The Amazon Resource Name (ARN) that identifies the AWS Backup Vault |
 | <a name="output_backup_vault_events"></a> [backup\_vault\_events](#output\_backup\_vault\_events) | An array of events that indicate the status of jobs to back up resources to the backup vault. |
+| <a name="output_backup_vault_iam_role_name"></a> [backup\_vault\_iam\_role\_name](#output\_backup\_vault\_iam\_role\_name) | The name of the backup IAM role |
 | <a name="output_backup_vault_id"></a> [backup\_vault\_id](#output\_backup\_vault\_id) | The name of the AWS Backup Vault |
 | <a name="output_backup_vault_recovery_points"></a> [backup\_vault\_recovery\_points](#output\_backup\_vault\_recovery\_points) | The number of recovery points that are stored in a backup vault |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/data.tf b/data.tf
@@ -1,4 +1,3 @@
-data "aws_region" "current" {}
 data "aws_partition" "current" {}
 
 data "aws_iam_policy_document" "sns_policy" {
diff --git a/examples/external-vault/main.tf b/examples/external-vault/main.tf
@@ -1,10 +1,3 @@
-provider "aws" {
-  region = "eu-west-1"
-}
-
-data "aws_caller_identity" "current" {}
-data "aws_region" "current" {}
-
 ######
 # KMS
 ######
diff --git a/examples/external-vault/versions.tf b/examples/external-vault/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.0.11"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.0.0"
+    }
+  }
+}
diff --git a/examples/multiple-dbs/main.tf b/examples/multiple-dbs/main.tf
@@ -1,10 +1,3 @@
-provider "aws" {
-  region = "eu-west-1"
-}
-
-data "aws_caller_identity" "current" {}
-data "aws_region" "current" {}
-
 #####
 # VPC and subnets
 #####
diff --git a/examples/multiple-dbs/versions.tf b/examples/multiple-dbs/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.0.11"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.0.0"
+    }
+  }
+}
diff --git a/examples/one-db/main.tf b/examples/one-db/main.tf
@@ -1,7 +1,3 @@
-provider "aws" {
-  region = "eu-west-1"
-}
-
 #####
 # VPC and subnets
 #####
diff --git a/examples/one-db/versions.tf b/examples/one-db/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.0.11"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.0.0"
+    }
+  }
+}
diff --git a/examples/vault/main.tf b/examples/vault/main.tf
@@ -1,10 +1,3 @@
-provider "aws" {
-  region = "eu-west-1"
-}
-
-data "aws_caller_identity" "current" {}
-data "aws_region" "current" {}
-
 ######
 # KMS
 ######
diff --git a/examples/vault/outputs.tf b/examples/vault/outputs.tf
@@ -31,4 +31,9 @@ output "backup_plan_version" {
 output "backup_selection_id" {
   description = "The identifier of the backup selection"
   value       = module.backup.backup_selection_id
+}
+
+output "backup_vault_iam_role_name" {
+  description = "The name of the backup IAM role"
+  value       = module.backup.backup_vault_iam_role_name
 }
diff --git a/examples/vault/versions.tf b/examples/vault/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.0.11"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.0.0"
+    }
+  }
+}
diff --git a/outputs.tf b/outputs.tf
@@ -55,4 +55,12 @@ output "backup_vault_events" {
   value = flatten([
     for events in aws_backup_vault_notifications.main[*] : events.backup_vault_events
   if var.enable_sns_notifications])
+}
+
+#####
+# AWS Backup IAM role Outputs
+####
+output "backup_vault_iam_role_name" {
+  description = "The name of the backup IAM role"
+  value       = aws_iam_role.main.name
 }
diff --git a/variables.tf b/variables.tf
@@ -12,60 +12,6 @@ variable "plan_name" {
   type        = string
 }
 
-variable "rule_name" {
-  description = "An display name for a backup rule"
-  type        = string
-  default     = null
-}
-
-variable "rule_schedule" {
-  description = "A CRON expression specifying when AWS Backup initiates a backup job"
-  type        = string
-  default     = null
-}
-
-variable "rule_start_window" {
-  description = "The amount of time in minutes before beginning a backup"
-  type        = number
-  default     = null
-}
-
-variable "rule_completion_window" {
-  description = "The amount of time AWS Backup attempts a backup before canceling the job and returning an error"
-  type        = number
-  default     = null
-}
-
-variable "rule_recovery_point_tags" {
-  description = "Metadata that you can assign to help organize the resources that you create"
-  type        = map(string)
-  default     = {}
-}
-
-variable "rule_lifecycle_cold_storage_after" {
-  description = "Specifies the number of days after creation that a recovery point is moved to cold storage"
-  type        = number
-  default     = null
-}
-
-variable "rule_lifecycle_delete_after" {
-  description = "Specifies the number of days after creation that a recovery point is deleted. Must be 90 days greater than `cold_storage_after`"
-  type        = number
-  default     = null
-}
-
-variable "rule_copy_action_lifecycle" {
-  description = "The lifecycle defines when a protected resource is copied over to a backup vault and when it expires."
-  type        = map(any)
-  default     = {}
-}
-
-variable "rule_copy_action_destination_vault_arn" {
-  description = "An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup."
-  type        = string
-  default     = null
-}
-
 variable "rules" {
   description = "A list of rules mapping rule configurations for a backup plan"
   type        = any
@@ -84,24 +30,6 @@ variable "selection_resources" {
   default     = []
 }
 
-variable "selection_tag_type" {
-  description = "An operation, such as StringEquals, that is applied to a key-value pair used to filter resources in a selection"
-  type        = string
-  default     = null
-}
-
-variable "selection_tag_key" {
-  description = "The key in a key-value pair"
-  type        = string
-  default     = null
-}
-
-variable "selection_tag_value" {
-  description = "The value in a key-value pair"
-  type        = string
-  default     = null
-}
-
 variable "selection_tags" {
   description = "A list of selection tags map"
   type        = list(any)

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,3 @@`
`1`		`-data "aws_region" "current" {}`
`2`	`1`	`data "aws_partition" "current" {}`
`3`	`2`
`4`	`3`	`data "aws_iam_policy_document" "sns_policy" {`