Slackbot
03/21/2023, 2:11 PMNataly
03/21/2023, 2:13 PMNataly
03/21/2023, 2:14 PMNataly
03/21/2023, 2:15 PMEd
03/21/2023, 2:16 PMNataly
03/21/2023, 2:17 PMEd
03/21/2023, 2:17 PMrole_arn = "arn:aws:iam::xxxx:role/terraform"
Justin S
03/21/2023, 2:21 PMNataly
03/21/2023, 2:21 PMNataly
03/21/2023, 2:21 PMCan you not just configure that in the providerThen end-users have control over which AWS instance they connect to
Justin S
03/21/2023, 2:22 PMprovider "aws" {
region = "us-gov-west-1"
allowed_account_ids = [
"yyyyyy"
]
assume_role {
role_arn = "arn:aws-us-gov:iam::xxxxxxxx:role/terraform_infra"
}
default_tags {
tags = {
Environment = "dev"
DeploymentID = "infra"
Terraform = "true"
}
}
}
Justin S
03/21/2023, 2:22 PMEd
03/21/2023, 2:24 PMJustin S
03/21/2023, 2:24 PMJustin S
03/21/2023, 2:25 PMEd
03/21/2023, 2:25 PMJustin S
03/21/2023, 2:25 PMJustin S
03/21/2023, 2:26 PMallowed accounts
variable, and then users generate their provider config so its always correct.Justin S
03/21/2023, 2:27 PMallowed_account_ids
Chastity Blackwell
03/21/2023, 2:37 PMChastity Blackwell
03/21/2023, 2:38 PMNataly
03/21/2023, 5:18 PM