Skip to content

Commit 9a6e314

Browse files
tim-knight-nhstim-knight-nhs
committed
[ndr-297] rename of dev_github_actions
1 parent ef01c8f commit 9a6e314

File tree

3 files changed

+15
-17
lines changed

3 files changed

+15
-17
lines changed

base_iam/iam_github_dev.tf

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
1-
# aws_iam_role.github_role_dev[0]:
2-
resource "aws_iam_role" "github_role_dev" {
1+
# aws_iam_role.dev_github_actions[0]:
2+
resource "aws_iam_role" "dev_github_actions" {
33
count = local.is_sandbox_or_dev ? 1 : 0
44
name = "${terraform.workspace}-github-actions-role"
5-
description = "This role is to provide access for GitHub actions to the development environment. "
5+
description = "This role is to provide access for GitHub Actions to the ${terraform.workspace} environment. "
66
force_detach_policies = false
77
max_session_duration = 3600
88
name_prefix = null
@@ -48,7 +48,7 @@ resource "aws_iam_role" "github_role_dev" {
4848

4949
resource "aws_iam_role_policy" "cloudtrail_dev" {
5050
count = local.is_sandbox_or_dev ? 1 : 0
51-
role = aws_iam_role.github_role_dev[0].id
51+
role = aws_iam_role.dev_github_actions[0].id
5252
name = "cloudtrail"
5353
policy = jsonencode(
5454
{
@@ -82,7 +82,7 @@ resource "aws_iam_role_policy" "cloudtrail_dev" {
8282

8383
resource "aws_iam_role_policy" "cloudwatch_logs_policy_dev" {
8484
count = local.is_sandbox_or_dev ? 1 : 0
85-
role = aws_iam_role.github_role_dev[0].id
85+
role = aws_iam_role.dev_github_actions[0].id
8686
name = "cloudwatch_logs_policy"
8787
policy = jsonencode(
8888
{
@@ -124,7 +124,7 @@ resource "aws_iam_role_policy" "cloudwatch_logs_policy_dev" {
124124

125125
resource "aws_iam_role_policy" "ecs_policy_dev" {
126126
count = local.is_sandbox_or_dev ? 1 : 0
127-
role = aws_iam_role.github_role_dev[0].id
127+
role = aws_iam_role.dev_github_actions[0].id
128128
name = "ecs_policy"
129129
policy = jsonencode(
130130
{
@@ -146,7 +146,7 @@ resource "aws_iam_role_policy" "ecs_policy_dev" {
146146

147147
resource "aws_iam_role_policy" "github_actions_waf_override_dev" {
148148
count = local.is_sandbox_or_dev ? 1 : 0
149-
role = aws_iam_role.github_role_dev[0].id
149+
role = aws_iam_role.dev_github_actions[0].id
150150
name = "github_actions_waf_override"
151151
policy = jsonencode(
152152
{
@@ -164,7 +164,7 @@ resource "aws_iam_role_policy" "github_actions_waf_override_dev" {
164164

165165
resource "aws_iam_role_policy" "lambda_layer_policy_dev" {
166166
count = local.is_sandbox_or_dev ? 1 : 0
167-
role = aws_iam_role.github_role_dev[0].id
167+
role = aws_iam_role.dev_github_actions[0].id
168168
name = "lambda_layer_policy"
169169
policy = jsonencode(
170170
{
@@ -192,7 +192,7 @@ resource "aws_iam_role_policy" "lambda_layer_policy_dev" {
192192

193193
resource "aws_iam_role_policy" "rum_policy_dev" {
194194
count = local.is_sandbox_or_dev ? 1 : 0
195-
role = aws_iam_role.github_role_dev[0].id
195+
role = aws_iam_role.dev_github_actions[0].id
196196
name = "rum_policy"
197197
policy = jsonencode(
198198
{
@@ -254,7 +254,7 @@ resource "aws_iam_role_policy" "rum_policy_dev" {
254254

255255
resource "aws_iam_role_policy" "step_functions_dev" {
256256
count = local.is_sandbox_or_dev ? 1 : 0
257-
role = aws_iam_role.github_role_dev[0].id
257+
role = aws_iam_role.dev_github_actions[0].id
258258
name = "step_functions"
259259
policy = jsonencode(
260260
{
@@ -280,7 +280,7 @@ resource "aws_iam_role_policy" "step_functions_dev" {
280280

281281
resource "aws_iam_role_policy" "github_terraform_tagging_policy_dev" {
282282
count = local.is_sandbox_or_dev ? 1 : 0
283-
role = aws_iam_role.github_role_dev[0].id
283+
role = aws_iam_role.dev_github_actions[0].id
284284
name = "github_terraform_tagging_policy"
285285
policy = jsonencode(
286286
{
@@ -389,13 +389,13 @@ resource "aws_iam_role_policy" "github_terraform_tagging_policy_dev" {
389389

390390
resource "aws_iam_role_policy_attachment" "ReadOnlyAccess_dev" {
391391
count = local.is_sandbox_or_dev ? 1 : 0
392-
role = aws_iam_role.github_role_dev[0].name
392+
role = aws_iam_role.dev_github_actions[0].name
393393
policy_arn = "arn:aws:iam::aws:policy/ReadOnlyAccess"
394394
}
395395

396396
resource "aws_iam_role_policy_attachment" "github_actions_terraform_full_dev" {
397397
count = local.is_sandbox_or_dev ? 1 : 0
398-
role = aws_iam_role.github_role_dev[0].name
398+
role = aws_iam_role.dev_github_actions[0].name
399399
policy_arn = aws_iam_policy.github_actions_terraform_full_dev[0].arn
400400
}
401401

@@ -657,7 +657,7 @@ resource "aws_iam_policy" "github_actions_terraform_full_dev" {
657657

658658
resource "aws_iam_role_policy_attachment" "github_actions_extended_dev" {
659659
count = local.is_sandbox_or_dev ? 1 : 0
660-
role = aws_iam_role.github_role_dev[0].name
660+
role = aws_iam_role.dev_github_actions[0].name
661661
policy_arn = aws_iam_policy.github_actions_extended_dev[0].arn
662662
}
663663

base_iam/terraform.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ terraform {
33
required_providers {
44
aws = {
55
source = "hashicorp/aws"
6-
version = "~> 5.0"
6+
version = "~> 6.0"
77
}
88
}
99

base_iam/variables.tf

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -23,12 +23,10 @@ variable "aws_account_id" {
2323
locals {
2424
is_sandbox = !contains(["ndr-dev", "ndr-test", "pre-prod", "prod"], terraform.workspace)
2525
is_production = contains(["pre-prod", "prod"], terraform.workspace)
26-
2726
is_sandbox_or_dev = !contains(["ndr-test", "pre-prod", "prod"], terraform.workspace)
2827
is_development = terraform.workspace == "ndr-dev"
2928
is_testing = terraform.workspace == "ndr-test"
3029
is_pre_production = terraform.workspace == "pre-prod"
3130
is_prod = terraform.workspace == "prod"
32-
3331
shared_terraform_state_bucket = "ndr-${var.environment}-terraform-state-${data.aws_caller_identity.current.account_id}"
3432
}

0 commit comments

Comments
 (0)