From e5447350eefe5d1419a1c016afca5752b180d3b9 Mon Sep 17 00:00:00 2001 From: Webb Barker Date: Thu, 1 Apr 2021 10:04:16 -0400 Subject: [PATCH 1/6] Updates depedencies --- go.mod | 1 - go.sum | 2 -- vendor/modules.txt | 1 - 3 files changed, 4 deletions(-) diff --git a/go.mod b/go.mod index dddb87ab..13e52747 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,6 @@ go 1.14 require ( github.com/Cox-Automotive/alks-go v0.0.0-20200714135032-e03438e39d50 github.com/aws/aws-sdk-go v1.31.15 - github.com/hashicorp/go-cleanhttp v0.5.1 // indirect github.com/hashicorp/terraform v0.12.26 github.com/mitchellh/go-homedir v1.1.0 github.com/motain/gocheck v0.0.0-20131023154940-9beb271d26e6 // indirect diff --git a/go.sum b/go.sum index 925663b3..28040661 100644 --- a/go.sum +++ b/go.sum @@ -27,8 +27,6 @@ github.com/Azure/go-ntlmssp v0.0.0-20180810175552-4a21cbd618b4/go.mod h1:chxPXzS github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/ChrisTrenkamp/goxpath v0.0.0-20170922090931-c385f95c6022/go.mod h1:nuWgzSkT5PnyOd+272uUmV0dnAnAn42Mk7PiQC5VzN4= -github.com/Cox-Automotive/alks-go v0.0.0-20200605150811-11bd4c1de348 h1:4yYbNR8TKaRSYgRbQsH4cC4qFf4VZmmaVC8mp8VWZVg= -github.com/Cox-Automotive/alks-go v0.0.0-20200605150811-11bd4c1de348/go.mod h1:on+ImEZYjpdcu+CD07RLqMTQmiPkulolQJb387YMpPo= github.com/Cox-Automotive/alks-go v0.0.0-20200714135032-e03438e39d50 h1:vGPXuT++0/9xJJvn0rmTsPBJ6jgSIdoyFhNqZIK51bQ= github.com/Cox-Automotive/alks-go v0.0.0-20200714135032-e03438e39d50/go.mod h1:on+ImEZYjpdcu+CD07RLqMTQmiPkulolQJb387YMpPo= github.com/QcloudApi/qcloud_sign_golang v0.0.0-20141224014652-e4130a326409/go.mod h1:1pk82RBxDY/JZnPQrtqHlUFfCctgdorsd9M06fMynOM= diff --git a/vendor/modules.txt b/vendor/modules.txt index 460a7af1..acf9ac65 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -95,7 +95,6 @@ github.com/googleapis/gax-go/v2 # github.com/hashicorp/errwrap v1.0.0 github.com/hashicorp/errwrap # github.com/hashicorp/go-cleanhttp v0.5.1 -## explicit github.com/hashicorp/go-cleanhttp # github.com/hashicorp/go-getter v1.4.2-0.20200106182914-9813cbd4eb02 github.com/hashicorp/go-getter From b780f2a3fb1de38d921c275a65c8ef39e66be5f7 Mon Sep 17 00:00:00 2001 From: Webb Barker Date: Thu, 1 Apr 2021 10:07:12 -0400 Subject: [PATCH 2/6] Updates to latest alks-go and vendors --- go.mod | 2 +- go.sum | 2 + .../Cox-Automotive/alks-go/.travis.yml | 6 +-- .../Cox-Automotive/alks-go/Gopkg.lock | 28 ------------- .../Cox-Automotive/alks-go/Gopkg.toml | 42 ------------------- .../github.com/Cox-Automotive/alks-go/go.mod | 9 ++++ .../github.com/Cox-Automotive/alks-go/go.sum | 6 +++ .../Cox-Automotive/alks-go/iam_role.go | 25 ++++++----- .../Cox-Automotive/alks-go/response_base.go | 4 +- vendor/modules.txt | 2 +- 10 files changed, 36 insertions(+), 90 deletions(-) delete mode 100644 vendor/github.com/Cox-Automotive/alks-go/Gopkg.lock delete mode 100644 vendor/github.com/Cox-Automotive/alks-go/Gopkg.toml create mode 100644 vendor/github.com/Cox-Automotive/alks-go/go.mod create mode 100644 vendor/github.com/Cox-Automotive/alks-go/go.sum diff --git a/go.mod b/go.mod index 13e52747..0308c636 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/Cox-Automotive/terraform-provider-alks go 1.14 require ( - github.com/Cox-Automotive/alks-go v0.0.0-20200714135032-e03438e39d50 + github.com/Cox-Automotive/alks-go v0.0.0-20210331173447-21b08aca8d67 github.com/aws/aws-sdk-go v1.31.15 github.com/hashicorp/terraform v0.12.26 github.com/mitchellh/go-homedir v1.1.0 diff --git a/go.sum b/go.sum index 28040661..3869ccab 100644 --- a/go.sum +++ b/go.sum @@ -29,6 +29,8 @@ github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym github.com/ChrisTrenkamp/goxpath v0.0.0-20170922090931-c385f95c6022/go.mod h1:nuWgzSkT5PnyOd+272uUmV0dnAnAn42Mk7PiQC5VzN4= github.com/Cox-Automotive/alks-go v0.0.0-20200714135032-e03438e39d50 h1:vGPXuT++0/9xJJvn0rmTsPBJ6jgSIdoyFhNqZIK51bQ= github.com/Cox-Automotive/alks-go v0.0.0-20200714135032-e03438e39d50/go.mod h1:on+ImEZYjpdcu+CD07RLqMTQmiPkulolQJb387YMpPo= +github.com/Cox-Automotive/alks-go v0.0.0-20210331173447-21b08aca8d67 h1:vcruzED50hPyycvR6mtPXKy2zQoH+AOicCOuwiWr7Cg= +github.com/Cox-Automotive/alks-go v0.0.0-20210331173447-21b08aca8d67/go.mod h1:jJNgXthl59Vt2tJHSC3WZ0vlopV9xqdclfQuLgwHjOw= github.com/QcloudApi/qcloud_sign_golang v0.0.0-20141224014652-e4130a326409/go.mod h1:1pk82RBxDY/JZnPQrtqHlUFfCctgdorsd9M06fMynOM= github.com/Unknwon/com v0.0.0-20151008135407-28b053d5a292/go.mod h1:KYCjqMOeHpNuTOiFQU6WEcTG7poCJrUs0YgyHNtn1no= github.com/abdullin/seq v0.0.0-20160510034733-d5467c17e7af/go.mod h1:5Jv4cbFiHJMsVxt52+i0Ha45fjshj6wxYr1r19tB9bw= diff --git a/vendor/github.com/Cox-Automotive/alks-go/.travis.yml b/vendor/github.com/Cox-Automotive/alks-go/.travis.yml index 281f8efd..1ef5bc16 100644 --- a/vendor/github.com/Cox-Automotive/alks-go/.travis.yml +++ b/vendor/github.com/Cox-Automotive/alks-go/.travis.yml @@ -1,12 +1,10 @@ language: go sudo: false go: - - 1.7 + - "1.12" - tip -before_install: -- go get github.com/hashicorp/go-cleanhttp -- go get github.com/motain/gocheck script: +- export GO111MODULE=on - make test notifications: email: false diff --git a/vendor/github.com/Cox-Automotive/alks-go/Gopkg.lock b/vendor/github.com/Cox-Automotive/alks-go/Gopkg.lock deleted file mode 100644 index bd76b5d5..00000000 --- a/vendor/github.com/Cox-Automotive/alks-go/Gopkg.lock +++ /dev/null @@ -1,28 +0,0 @@ -# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'. - - -[[projects]] - digest = "1:f47d6109c2034cb16bd62b220e18afd5aa9d5a1630fe5d937ad96a4fb7cbb277" - name = "github.com/hashicorp/go-cleanhttp" - packages = ["."] - pruneopts = "UT" - revision = "e8ab9daed8d1ddd2d3c4efba338fe2eeae2e4f18" - version = "v0.5.0" - -[[projects]] - branch = "master" - digest = "1:ccf5aea6ed0b685cf96235b0c3924a649ead8110c3f810cac4132a6ae86ca059" - name = "github.com/motain/gocheck" - packages = ["."] - pruneopts = "UT" - revision = "9beb271d26e640863a5bf4a3c5ea40ccdd466b84" - -[solve-meta] - analyzer-name = "dep" - analyzer-version = 1 - input-imports = [ - "github.com/hashicorp/go-cleanhttp", - "github.com/motain/gocheck", - ] - solver-name = "gps-cdcl" - solver-version = 1 diff --git a/vendor/github.com/Cox-Automotive/alks-go/Gopkg.toml b/vendor/github.com/Cox-Automotive/alks-go/Gopkg.toml deleted file mode 100644 index e2aa682c..00000000 --- a/vendor/github.com/Cox-Automotive/alks-go/Gopkg.toml +++ /dev/null @@ -1,42 +0,0 @@ -# Gopkg.toml example -# -# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html -# for detailed Gopkg.toml documentation. -# -# required = ["github.com/user/thing/cmd/thing"] -# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"] -# -# [[constraint]] -# name = "github.com/user/project" -# version = "1.0.0" -# -# [[constraint]] -# name = "github.com/user/project2" -# branch = "dev" -# source = "github.com/myfork/project2" -# -# [[override]] -# name = "github.com/x/y" -# version = "2.4.0" -# -# [prune] -# non-go = false -# go-tests = true -# unused-packages = true - - -[[constraint]] - branch = "master" - name = "github.com/Cox-Automotive/alks-go" - -[[constraint]] - name = "github.com/hashicorp/go-cleanhttp" - version = "0.5.0" - -[[constraint]] - branch = "master" - name = "github.com/motain/gocheck" - -[prune] - go-tests = true - unused-packages = true diff --git a/vendor/github.com/Cox-Automotive/alks-go/go.mod b/vendor/github.com/Cox-Automotive/alks-go/go.mod new file mode 100644 index 00000000..9f165be2 --- /dev/null +++ b/vendor/github.com/Cox-Automotive/alks-go/go.mod @@ -0,0 +1,9 @@ +module github.com/Cox-Automotive/alks-go + +go 1.16 + +require ( + github.com/hashicorp/go-cleanhttp v0.5.0 + github.com/motain/gocheck v0.0.0-20131023154940-9beb271d26e6 + launchpad.net/gocheck v0.0.0-20140225173054-000000000087 // indirect +) diff --git a/vendor/github.com/Cox-Automotive/alks-go/go.sum b/vendor/github.com/Cox-Automotive/alks-go/go.sum new file mode 100644 index 00000000..1fe8b025 --- /dev/null +++ b/vendor/github.com/Cox-Automotive/alks-go/go.sum @@ -0,0 +1,6 @@ +github.com/hashicorp/go-cleanhttp v0.5.0 h1:wvCrVc9TjDls6+YGAF2hAifE1E5U1+b4tH6KdvN3Gig= +github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= +github.com/motain/gocheck v0.0.0-20131023154940-9beb271d26e6 h1:gKdQPVb3yDSbcw4sgNyrt2LP0/4uTdrvTm3e4IcATCE= +github.com/motain/gocheck v0.0.0-20131023154940-9beb271d26e6/go.mod h1:RnPn6D1AAyccwR5T+py4G3eMhZuqr0/pGM6Ygpu1tDc= +launchpad.net/gocheck v0.0.0-20140225173054-000000000087 h1:Izowp2XBH6Ya6rv+hqbceQyw/gSGoXfH/UPoTGduL54= +launchpad.net/gocheck v0.0.0-20140225173054-000000000087/go.mod h1:hj7XX3B/0A+80Vse0e+BUHsHMTEhd0O4cpUHr/e/BUM= diff --git a/vendor/github.com/Cox-Automotive/alks-go/iam_role.go b/vendor/github.com/Cox-Automotive/alks-go/iam_role.go index 7eb977f3..6b789c6c 100644 --- a/vendor/github.com/Cox-Automotive/alks-go/iam_role.go +++ b/vendor/github.com/Cox-Automotive/alks-go/iam_role.go @@ -10,10 +10,11 @@ import ( // IamRoleRequest is used to represent a new IAM Role request. type IamRoleRequest struct { - RoleName string `json:"roleName"` - RoleType string `json:"roleType"` - IncDefPols int `json:"includeDefaultPolicy"` - AlksAccess bool `json:"enableAlksAccess"` + RoleName string `json:"roleName"` + RoleType string `json:"roleType"` + IncDefPols int `json:"includeDefaultPolicy"` + AlksAccess bool `json:"enableAlksAccess"` + TemplateFields map[string]string `json:"templateFields,omitempty"` } // IamTrustRoleRequest is used to represent a new IAM Trust Role request. @@ -27,12 +28,13 @@ type IamTrustRoleRequest struct { // IamRoleResponse is used to represent a a IAM Role. type IamRoleResponse struct { BaseResponse - RoleName string `json:"roleName"` - RoleType string `json:"roleType"` - RoleArn string `json:"roleArn"` - RoleIPArn string `json:"instanceProfileArn"` - RoleAddedToIP bool `json:"addedRoleToInstanceProfile"` - Exists bool `json:"roleExists"` + RoleName string `json:"roleName"` + RoleType string `json:"roleType"` + RoleArn string `json:"roleArn"` + RoleIPArn string `json:"instanceProfileArn"` + RoleAddedToIP bool `json:"addedRoleToInstanceProfile"` + Exists bool `json:"roleExists"` + TemplateFields map[string]string `json:"templateFields,omitempty"` } // GetIamRoleResponse is used to represent a a IAM Role. @@ -94,7 +96,7 @@ type MachineIdentityResponse struct { // CreateIamRole will create a new IAM role on AWS. If no error is returned // then you will receive a IamRoleResponse object representing the new role. -func (c *Client) CreateIamRole(roleName string, roleType string, includeDefaultPolicies, enableAlksAccess bool) (*IamRoleResponse, error) { +func (c *Client) CreateIamRole(roleName, roleType string, templateFields map[string]string, includeDefaultPolicies, enableAlksAccess bool) (*IamRoleResponse, error) { log.Printf("[INFO] Creating IAM role: %s", roleName) var include int @@ -107,6 +109,7 @@ func (c *Client) CreateIamRole(roleName string, roleType string, includeDefaultP roleType, include, enableAlksAccess, + templateFields, } b, err := json.Marshal(struct { diff --git a/vendor/github.com/Cox-Automotive/alks-go/response_base.go b/vendor/github.com/Cox-Automotive/alks-go/response_base.go index a17014a9..9e016452 100644 --- a/vendor/github.com/Cox-Automotive/alks-go/response_base.go +++ b/vendor/github.com/Cox-Automotive/alks-go/response_base.go @@ -15,9 +15,7 @@ func (b BaseResponse) RequestFailed() bool { // GetErrors returns a list of error messages from an ALKS response func (b BaseResponse) GetErrors() []string { var errorMessages []string - for _, err := range b.Errors { - errorMessages = append(errorMessages, err) - } + errorMessages = append(errorMessages, b.Errors...) if len(errorMessages) == 0 { errorMessages = []string{ diff --git a/vendor/modules.txt b/vendor/modules.txt index acf9ac65..0a1739d6 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -6,7 +6,7 @@ cloud.google.com/go/internal/optional cloud.google.com/go/internal/trace cloud.google.com/go/internal/version cloud.google.com/go/storage -# github.com/Cox-Automotive/alks-go v0.0.0-20200714135032-e03438e39d50 +# github.com/Cox-Automotive/alks-go v0.0.0-20210331173447-21b08aca8d67 ## explicit github.com/Cox-Automotive/alks-go # github.com/agext/levenshtein v1.2.2 From 5e127e6c5eea76f849225c821d6d23448f2a8b1f Mon Sep 17 00:00:00 2001 From: Webb Barker Date: Thu, 1 Apr 2021 10:09:20 -0400 Subject: [PATCH 3/6] Tidies deps --- go.mod | 2 -- go.sum | 2 -- 2 files changed, 4 deletions(-) diff --git a/go.mod b/go.mod index 0308c636..b27301c6 100644 --- a/go.mod +++ b/go.mod @@ -7,6 +7,4 @@ require ( github.com/aws/aws-sdk-go v1.31.15 github.com/hashicorp/terraform v0.12.26 github.com/mitchellh/go-homedir v1.1.0 - github.com/motain/gocheck v0.0.0-20131023154940-9beb271d26e6 // indirect - launchpad.net/gocheck v0.0.0-20140225173054-000000000087 // indirect ) diff --git a/go.sum b/go.sum index 3869ccab..a7f285b7 100644 --- a/go.sum +++ b/go.sum @@ -27,8 +27,6 @@ github.com/Azure/go-ntlmssp v0.0.0-20180810175552-4a21cbd618b4/go.mod h1:chxPXzS github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/ChrisTrenkamp/goxpath v0.0.0-20170922090931-c385f95c6022/go.mod h1:nuWgzSkT5PnyOd+272uUmV0dnAnAn42Mk7PiQC5VzN4= -github.com/Cox-Automotive/alks-go v0.0.0-20200714135032-e03438e39d50 h1:vGPXuT++0/9xJJvn0rmTsPBJ6jgSIdoyFhNqZIK51bQ= -github.com/Cox-Automotive/alks-go v0.0.0-20200714135032-e03438e39d50/go.mod h1:on+ImEZYjpdcu+CD07RLqMTQmiPkulolQJb387YMpPo= github.com/Cox-Automotive/alks-go v0.0.0-20210331173447-21b08aca8d67 h1:vcruzED50hPyycvR6mtPXKy2zQoH+AOicCOuwiWr7Cg= github.com/Cox-Automotive/alks-go v0.0.0-20210331173447-21b08aca8d67/go.mod h1:jJNgXthl59Vt2tJHSC3WZ0vlopV9xqdclfQuLgwHjOw= github.com/QcloudApi/qcloud_sign_golang v0.0.0-20141224014652-e4130a326409/go.mod h1:1pk82RBxDY/JZnPQrtqHlUFfCctgdorsd9M06fMynOM= From 5c193f75ce519db82d9c010c98716186fa514146 Mon Sep 17 00:00:00 2001 From: Webb Barker Date: Thu, 1 Apr 2021 11:48:29 -0400 Subject: [PATCH 4/6] Adds support for dynamic roles --- resource_alks_iamrole.go | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/resource_alks_iamrole.go b/resource_alks_iamrole.go index 71fb9b91..529dcc99 100644 --- a/resource_alks_iamrole.go +++ b/resource_alks_iamrole.go @@ -59,6 +59,12 @@ func resourceAlksIamRole() *schema.Resource { Default: false, Optional: true, }, + "template_fields": &schema.Schema{ + Type: schema.TypeMap, + Elem: schema.TypeString, + ForceNew: true, + Optional: true, + }, }, } } @@ -121,9 +127,15 @@ func resourceAlksIamRoleCreate(d *schema.ResourceData, meta interface{}) error { var roleType = d.Get("type").(string) var incDefPol = d.Get("include_default_policies").(bool) var enableAlksAccess = d.Get("enable_alks_access").(bool) + var rawTemplateFields = d.Get("template_fields").(map[string]interface{}) + + templateFields := make(map[string]string) + for k, v := range rawTemplateFields { + templateFields[k] = v.(string) + } client := meta.(*alks.Client) - resp, err := client.CreateIamRole(roleName, roleType, incDefPol, enableAlksAccess) + resp, err := client.CreateIamRole(roleName, roleType, templateFields, incDefPol, enableAlksAccess) if err != nil { return err From 4c01484faefbb4ed1777c305c14e414d186999ee Mon Sep 17 00:00:00 2001 From: Webb Barker Date: Thu, 1 Apr 2021 11:48:46 -0400 Subject: [PATCH 5/6] Adds example of dynamic role --- examples/alks.tf | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/examples/alks.tf b/examples/alks.tf index 379eb4f8..295b30d8 100644 --- a/examples/alks.tf +++ b/examples/alks.tf @@ -40,6 +40,18 @@ resource "alks_iamrole" "test_role" { enable_alks_access = true } +resource "alks_iamrole" "test_dynamic_role" { + name = "TEST-DELETE-DYNAMIC" + type = "Amazon EKS IRSA" + include_default_policies = false + enable_alks_access = true + template_fields = { + "OIDC_PROVIDER" = "abc1234" + "K8S_NAMESPACE" = "default" + "K8S_SERVICE_ACCOUNT" = "definitely-not-real" + } +} + # CREATE IAM ROLE -- Secondary Provider resource "alks_iamrole" "test_role_nonprod" { provider = alks.nonprod From ff04de8154f1165cccabaf808185f8c83d7eead6 Mon Sep 17 00:00:00 2001 From: Webb Barker Date: Fri, 2 Apr 2021 09:17:56 -0400 Subject: [PATCH 6/6] Updates resouce docs for IAM Role type, formats alks.tf example file --- docs/resources/alks_iamrole.md | 24 ++++++++++++++++++++++-- examples/alks.tf | 10 +++++----- 2 files changed, 27 insertions(+), 7 deletions(-) diff --git a/docs/resources/alks_iamrole.md b/docs/resources/alks_iamrole.md index 0493d8ec..e25d8969 100644 --- a/docs/resources/alks_iamrole.md +++ b/docs/resources/alks_iamrole.md @@ -5,6 +5,7 @@ Creates an custom ALKS IAM role for usage in an AWS account. ## Example Usage ### ALKS IAM Role Creation + ```hcl resource "alks_iamrole" "test_role" { name = "My_Test_Role" @@ -14,9 +15,26 @@ resource "alks_iamrole" "test_role" { } ``` +### ALKS Dynamic Role Creation + +```hcl +resource "alks_iamrole" "test_dynamic_role" { + name = "my_dynamic_role" + type = "Amazon EKS IRSA" + include_default_policies = false + enable_alks_access = false + template_fields = { + "OIDC_PROVIDER" = "abc1234" + "K8S_NAMESPACE" = "default" + "K8S_SERVICE_ACCOUNT" = "my-service-account" + } +} +``` + ## Argument Reference The following arguments are supported: + * `name` - (Required) The name of the ALKS IAM role which will be reflected in AWS and the ALKS UI. * `type` - (Required) The role type to use. To see a list of available roles, [call this endpoint](https://pages.ghe.coxautoinc.com/ETS-CloudAutomation/ALKS-Documentation/#/aws-role-type-rest-service/getAllAwsRoleTypesUsingGET). * `include_default_policies` - (Required) Whether or not the default manages policies should be attached to the role. @@ -24,12 +42,14 @@ The following arguments are supported: * `arn` - (Computed) Provides the ARN of the role that was created. * `ip_arn` - (Computed) If `role_added_to_ip` was `true` this will provide the ARN of the instance profile role. * `enable_alks_access` - (Optional) If `true`, allows ALKS calls to be made by instance profiles or Lambda functions making use of this role. Note: This enables **machine identity** capability. +* `template_fields` - (Optional) If present, will submit template field data to ALKS. Note: This will generate an error if the role type does not support template fields. ## Import !> **Warning:** This will force-replace the resource. ALKS IAM roles can be imported using the `name`, e.g. -``` -$ terraform import alks_iamrole.test_role My_Test_Role + +```sh +terraform import alks_iamrole.test_role My_Test_Role ``` \ No newline at end of file diff --git a/examples/alks.tf b/examples/alks.tf index 295b30d8..6ac2f0a2 100644 --- a/examples/alks.tf +++ b/examples/alks.tf @@ -46,8 +46,8 @@ resource "alks_iamrole" "test_dynamic_role" { include_default_policies = false enable_alks_access = true template_fields = { - "OIDC_PROVIDER" = "abc1234" - "K8S_NAMESPACE" = "default" + "OIDC_PROVIDER" = "abc1234" + "K8S_NAMESPACE" = "default" "K8S_SERVICE_ACCOUNT" = "definitely-not-real" } } @@ -64,7 +64,7 @@ resource "alks_iamrole" "test_role_nonprod" { # ATTACH POLICY resource "aws_iam_role_policy" "test_policy" { name = "test_policy" - role = "${alks_iamrole.test_role.name}" + role = alks_iamrole.test_role.name policy = <