terraform-aws-mcaf-gitlab-oidc
Terraform module to configure GitLab as an IAM OIDC identity provider in AWS.
IMPORTANT: We do not pin modules to versions in our examples. We highly recommend that in your code you pin the version to the exact version you are using so that your infrastructure remains stable.
Requirements
Providers
| Name | Version |
|------|---------|
| aws | >= 4.0.0 |
| tls | >= 4.0.0 |
Modules
| Name | Source | Version |
|------|--------|---------|
| oidc_role | schubergphilis/mcaf-role/aws | ~> 0.4.0 |
Resources
Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| create_provider | Whether to create the provider. Set to false to look up the existing provider through a data source and create roles only. | bool | true | no |
| gitlab_url | GitLab URL. The address of your GitLab instance, such as https://gitlab.com or https://gitlab.example.com. | string | "https://gitlab.com" | no |
| iam_roles | Configuration for IAM roles. The key of the map is used as the IAM role name unless overridden by setting the name field. | map(object({ description = optional(string, "Role assumed by the Gitlab IAM OIDC provider") name = optional(string, null) path = optional(string, "/") permissions_boundary_arn = optional(string, "") policy = optional(string, null) policy_arns = optional(set(string), []) subject_filter_allowed = object({ path = string ref_type = string ref = string }) })) | {} | no |
| tags | A mapping of tags to assign to all resources. | map(string) | null | no |
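Example usage, added here and not taken from the module's own documentation: one role scoped to a single branch of a single project, plus a second module instance that reuses the provider. The `source` address is inferred from the module name, the version is a placeholder, and the project paths, role keys and tag values are constructed. It assumes `subject_filter_allowed` is matched against the `sub` claim of the GitLab ID token (`project_path:<path>:ref_type:<ref_type>:ref:<ref>`).

```hcl
module "gitlab_oidc" {
  # Assumption: registry address inferred from the module name.
  source = "schubergphilis/mcaf-gitlab-oidc/aws"
  # Placeholder: pin to the exact release you have tested.
  version = "x.y.z"

  gitlab_url = "https://gitlab.com"

  iam_roles = {
    # The map key becomes the IAM role name unless `name` is set.
    "gitlab-deploy-main" = {
      description = "Assumed by CI jobs on main of my-group/my-project"
      policy_arns = ["arn:aws:iam::aws:policy/ReadOnlyAccess"]

      # Constructed values. Keep all three fields as narrow as the
      # pipeline allows: one project, one ref type, one ref.
      subject_filter_allowed = {
        path     = "my-group/my-project"
        ref_type = "branch"
        ref      = "main"
      }
    }
  }

  tags = { Owner = "platform-team" } # constructed
}

# An AWS account holds one IAM OIDC provider per issuer URL, so a second
# instance in the same account looks the provider up and creates roles only.
module "gitlab_oidc_releases" {
  source  = "schubergphilis/mcaf-gitlab-oidc/aws" # assumption, as above
  version = "x.y.z"                               # placeholder

  create_provider = false

  iam_roles = {
    "gitlab-release-tag" = {
      policy_arns            = ["arn:aws:iam::aws:policy/ReadOnlyAccess"]
      subject_filter_allowed = { path = "my-group/my-project", ref_type = "tag", ref = "v1.0.0" }
    }
  }
}

output "gitlab_oidc_roles" {
  value = module.gitlab_oidc.iam_roles # map of role names and ARNs
}
```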
Outputs
| Name | Description |
|------|-------------|
| iam_roles | Map of GitLab OIDC IAM role names and ARNs |
Licensing
100% Open Source and licensed under the Apache License Version 2.0. See LICENSE for full details.