Merge pull request #11 from geekcell/fix/add-path-variable

fix: add path to role
geekcell · Apr 4, 2024 · a0e7328 · a0e7328
2 parents 13c1724 + 019e95d
commit a0e7328
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -58,6 +58,7 @@ the AWS IAM Policy Collection Terraform Module. Give it a try and see the differ
 | <a name="input_create_policy"></a> [create\_policy](#input\_create\_policy) | Whether to create the actual policy resource or to only render it. | `bool` | `true` | no |
 | <a name="input_description"></a> [description](#input\_description) | Description of the Security Group. | `string` | `null` | no |
 | <a name="input_name"></a> [name](#input\_name) | Name of the policy. | `string` | n/a | yes |
+| <a name="input_path"></a> [path](#input\_path) | Path in which to create the policy. | `string` | `"/"` | no |
 | <a name="input_policy_id"></a> [policy\_id](#input\_policy\_id) | ID for the policy document. | `string` | `null` | no |
 | <a name="input_statements"></a> [statements](#input\_statements) | A map of principals which can assume the role. | <pre>list(object({<br>    sid    = optional(string)<br>    effect = optional(string, "Allow")<br><br>    actions     = optional(list(string))<br>    not_actions = optional(list(string))<br><br>    resources     = optional(list(string))<br>    not_resources = optional(list(string))<br><br>    conditions = optional(list(object({<br>      test     = string<br>      variable = string<br>      values   = list(string)<br>    })))<br><br>    principals = optional(list(object({<br>      type        = string<br>      identifiers = list(string)<br>    })))<br><br>    not_principals = optional(list(object({<br>      type        = string<br>      identifiers = list(string)<br>    })))<br>  }))</pre> | `[]` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to add to the Security Group. | `map(any)` | `{}` | no |

diff --git a/main.tf b/main.tf
@@ -104,6 +104,7 @@ resource "aws_iam_policy" "main" {
   name        = var.use_name_prefix ? null : var.name
   name_prefix = var.use_name_prefix ? var.name : null
   description = var.description
+  path        = var.path
   policy      = data.aws_iam_policy_document.combined.json
 
   tags = merge({ Name = var.name }, var.tags)

diff --git a/variables.tf b/variables.tf
@@ -39,6 +39,12 @@ variable "use_name_prefix" {
   type        = bool
 }
 
+variable "path" {
+  description = "Path in which to create the policy."
+  default     = "/"
+  type        = string
+}
+
 variable "policy_id" {
   description = "ID for the policy document."
   default     = null