Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 3a21ac5

Browse files
authored
feat: Add max session duration for IAM role (terraform-aws-modules#391)
1 parent 95e6a57 commit 3a21ac5

File tree

8 files changed

+16
-4
lines changed

8 files changed

+16
-4
lines changed

‎README.md‎

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -821,6 +821,7 @@ No modules.
821821
| <a name="input_reserved_concurrent_executions"></a> [reserved\_concurrent\_executions](#input\_reserved\_concurrent\_executions) | The amount of reserved concurrent executions for this Lambda Function. A value of 0 disables Lambda Function from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. | `number` | `-1` | no |
822822
| <a name="input_role_description"></a> [role\_description](#input\_role\_description) | Description of IAM role to use for Lambda Function | `string` | `null` | no |
823823
| <a name="input_role_force_detach_policies"></a> [role\_force\_detach\_policies](#input\_role\_force\_detach\_policies) | Specifies to force detaching any policies the IAM role has before destroying it. | `bool` | `true` | no |
824+
| <a name="input_role_maximum_session_duration"></a> [role\_maximum\_session\_duration](#input\_role\_maximum\_session\_duration) | Maximum session duration, in seconds, for the IAM role | `number` | `3600` | no |
824825
| <a name="input_role_name"></a> [role\_name](#input\_role\_name) | Name of IAM role to use for Lambda Function | `string` | `null` | no |
825826
| <a name="input_role_path"></a> [role\_path](#input\_role\_path) | Path of IAM role to use for Lambda Function | `string` | `null` | no |
826827
| <a name="input_role_permissions_boundary"></a> [role\_permissions\_boundary](#input\_role\_permissions\_boundary) | The ARN of the policy that is used to set the permissions boundary for the IAM role used by Lambda Function | `string` | `null` | no |

‎examples/simple/main.tf‎

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,8 @@ module "lambda_function" {
3939
handler = "index.lambda_handler"
4040
runtime = "python3.8"
4141

42+
# role_maximum_session_duration = 7200
43+
4244
# attach_cloudwatch_logs_policy = false
4345

4446
# use_existing_cloudwatch_log_group = true

‎examples/with-efs/README.md‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ Note that this example may create resources which cost money. Run `terraform des
3636
| Name | Source | Version |
3737
|------|--------|---------|
3838
| <a name="module_lambda_function_with_efs"></a> [lambda\_function\_with\_efs](#module\_lambda\_function\_with\_efs) | ../../ | n/a |
39-
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | n/a |
39+
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 3.0 |
4040

4141
## Resources
4242

‎examples/with-efs/main.tf‎

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,8 @@ module "lambda_function_with_efs" {
4444
######
4545

4646
module "vpc" {
47-
source = "terraform-aws-modules/vpc/aws"
47+
source = "terraform-aws-modules/vpc/aws"
48+
version = "~> 3.0"
4849

4950
name = random_pet.this.id
5051
cidr = "10.10.0.0/16"

‎examples/with-vpc/README.md‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ Note that this example may create resources which cost money. Run `terraform des
3636
| Name | Source | Version |
3737
|------|--------|---------|
3838
| <a name="module_lambda_function_in_vpc"></a> [lambda\_function\_in\_vpc](#module\_lambda\_function\_in\_vpc) | ../../ | n/a |
39-
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | n/a |
39+
| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 3.0 |
4040

4141
## Resources
4242

‎examples/with-vpc/main.tf‎

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,8 @@ module "lambda_function_in_vpc" {
3030
}
3131

3232
module "vpc" {
33-
source = "terraform-aws-modules/vpc/aws"
33+
source = "terraform-aws-modules/vpc/aws"
34+
version = "~> 3.0"
3435

3536
name = random_pet.this.id
3637
cidr = "10.10.0.0/16"

‎iam.tf‎

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -100,6 +100,7 @@ resource "aws_iam_role" "lambda" {
100100
force_detach_policies = var.role_force_detach_policies
101101
permissions_boundary = var.role_permissions_boundary
102102
assume_role_policy = data.aws_iam_policy_document.assume_role[0].json
103+
max_session_duration = var.role_maximum_session_duration
103104

104105
tags = merge(var.tags, var.role_tags)
105106
}

‎variables.tf‎

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -447,6 +447,12 @@ variable "role_tags" {
447447
default = {}
448448
}
449449

450+
variable "role_maximum_session_duration" {
451+
description = "Maximum session duration, in seconds, for the IAM role"
452+
type = number
453+
default = 3600
454+
}
455+
450456
###########
451457
# Policies
452458
###########

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /