Documentation
¶
Overview ¶
Package aws renders the install-stacks/aws Terraform module's tfvars file for an AWS install.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Render ¶
Render emits a JSON-wrapped tfvars envelope for the install-stacks/aws module.
`supportIAMRoleARN` is the Nuon control-plane IAM role ARN that the operation roles (provision/maintenance/deprovision/break-glass/custom) must trust. Sourced from the ctl-api `runner_default_support_iam_role_arn` config — same value the CFN role-builder uses
Custom nested stacks (CloudFormation customer extensions) are intentionally not translated. Vendors who extend their CFN stack with custom resources are expected to fork install-stacks and make equivalent Terraform changes there.
Types ¶
type AWSRoleTemplateInput ¶
type AWSRoleTemplateInput struct {
Name string
Permissions string
InlinePolicyDocument string
ManagedPolicyArns string
}
AWSRoleTemplateInput holds the per-role data rendered into the template.
type AWSSecretTemplateInput ¶
AWSSecretTemplateInput holds a non-auto-gen secret definition for the template.
type AWSTemplateInput ¶
type AWSTemplateInput struct {
*stacks.TemplateInput
ControlPlaneAccountIDs string
ProvisionPermissions string
MaintenancePermissions string
DeprovisionPermissions string
ProvisionInlinePolicyDocument string
MaintenanceInlinePolicyDocument string
DeprovisionInlinePolicyDocument string
ProvisionManagedPolicyArns string
MaintenanceManagedPolicyArns string
DeprovisionManagedPolicyArns string
BreakGlassRoles []AWSRoleTemplateInput
CustomRoles []AWSRoleTemplateInput
InstallInputs []string
AutoGenerateSecrets []string
Secrets []AWSSecretTemplateInput
}
AWSTemplateInput extends TemplateInput with pre-marshaled AWS IAM data.
Source Files