diff --git a/deploy/infrastructure/dependencies/terraform-aws-kubernetes/variables.tf b/deploy/infrastructure/dependencies/terraform-aws-kubernetes/variables.tf index d1bfb1375..1b73a3e34 100644 --- a/deploy/infrastructure/dependencies/terraform-aws-kubernetes/variables.tf +++ b/deploy/infrastructure/dependencies/terraform-aws-kubernetes/variables.tf @@ -36,12 +36,13 @@ variable "aws_route53_zone_id" { variable "aws_iam_permissions_boundary" { type = string description = <<-EOT - AWS IAM Policy to be used for permissions boundaries on created roles. + AWS IAM Policy ARN to be used for permissions boundaries on created roles. - Example: `GithubCIPermissionBoundaries` + Example: `arn:aws:iam::123456789012:policy/GithubCIPermissionBoundaries` EOT } + variable "app_hostname" { type = string description = <<-EOT diff --git a/deploy/infrastructure/modules/terraform-aws-dss/TFVARS.md b/deploy/infrastructure/modules/terraform-aws-dss/TFVARS.md index e0bbc8e1f..99b04c8ed 100644 --- a/deploy/infrastructure/modules/terraform-aws-dss/TFVARS.md +++ b/deploy/infrastructure/modules/terraform-aws-dss/TFVARS.md @@ -44,9 +44,9 @@ Example: `Z0123456789ABCDEFGHIJ` *Type: `string`* -AWS IAM Policy to be used for permissions boundaries on created roles. +AWS IAM Policy ARN to be used for permissions boundaries on created roles. -Example: `GithubCIPermissionBoundaries` +Example: `arn:aws:iam::123456789012:policy/GithubCIPermissionBoundaries` ### app_hostname diff --git a/deploy/infrastructure/modules/terraform-aws-dss/variables.tf b/deploy/infrastructure/modules/terraform-aws-dss/variables.tf index ee911afe5..3d276e351 100644 --- a/deploy/infrastructure/modules/terraform-aws-dss/variables.tf +++ b/deploy/infrastructure/modules/terraform-aws-dss/variables.tf @@ -36,12 +36,13 @@ variable "aws_route53_zone_id" { variable "aws_iam_permissions_boundary" { type = string description = <<-EOT - AWS IAM Policy to be used for permissions boundaries on created roles. + AWS IAM Policy ARN to be used for permissions boundaries on created roles. - Example: `GithubCIPermissionBoundaries` + Example: `arn:aws:iam::123456789012:policy/GithubCIPermissionBoundaries` EOT } + variable "app_hostname" { type = string description = <<-EOT diff --git a/deploy/infrastructure/utils/definitions/aws_iam_permissions_boundary.tf b/deploy/infrastructure/utils/definitions/aws_iam_permissions_boundary.tf index 16dc72db7..1279be202 100644 --- a/deploy/infrastructure/utils/definitions/aws_iam_permissions_boundary.tf +++ b/deploy/infrastructure/utils/definitions/aws_iam_permissions_boundary.tf @@ -1,8 +1,8 @@ variable "aws_iam_permissions_boundary" { type = string description = <<-EOT - AWS IAM Policy to be used for permissions boundaries on created roles. + AWS IAM Policy ARN to be used for permissions boundaries on created roles. - Example: `GithubCIPermissionBoundaries` + Example: `arn:aws:iam::123456789012:policy/GithubCIPermissionBoundaries` EOT -} \ No newline at end of file +} diff --git a/deploy/operations/ci/aws-1/variables.tf b/deploy/operations/ci/aws-1/variables.tf index ee911afe5..3d276e351 100644 --- a/deploy/operations/ci/aws-1/variables.tf +++ b/deploy/operations/ci/aws-1/variables.tf @@ -36,12 +36,13 @@ variable "aws_route53_zone_id" { variable "aws_iam_permissions_boundary" { type = string description = <<-EOT - AWS IAM Policy to be used for permissions boundaries on created roles. + AWS IAM Policy ARN to be used for permissions boundaries on created roles. - Example: `GithubCIPermissionBoundaries` + Example: `arn:aws:iam::123456789012:policy/GithubCIPermissionBoundaries` EOT } + variable "app_hostname" { type = string description = <<-EOT