Upgraded module to support Terraform 0.12 (#29)

.pre-commit-config.yaml

@@ -3,7 +3,7 @@ repos:
   rev: v1.12.0
   hooks:
     - id: terraform_fmt
-    - id: terraform_docs
+#    - id: terraform_docs
 - repo: git://github.com/pre-commit/pre-commit-hooks
   rev: v2.2.3
   hooks:

CHANGELOG.md

@@ -3,9 +3,17 @@
 
 
 
+<a name="v2.0.0"></a>
+## [v2.0.0] - 2019-06-11
+
+- Upgraded module to support Terraform 0.12
+- upgrade to 0.12 syntax
+
+
 <a name="v1.0.0"></a>
 ## [v1.0.0] - 2019-06-11
 
+- Updated CHANGELOG
 - Fixed styles after [#26](https://github.com/terraform-aws-modules/terraform-aws-iam/issues/26)
 - iam-user,iam-assumable-role,iam-assumable-roles,iam-assumable-roles-with-saml tags support ([#26](https://github.com/terraform-aws-modules/terraform-aws-iam/issues/26))
 
@@ -91,7 +99,8 @@
 - Initial commit
 
 
-[Unreleased]: https://github.com/terraform-aws-modules/terraform-aws-iam/compare/v1.0.0...HEAD
+[Unreleased]: https://github.com/terraform-aws-modules/terraform-aws-iam/compare/v2.0.0...HEAD
+[v2.0.0]: https://github.com/terraform-aws-modules/terraform-aws-iam/compare/v1.0.0...v2.0.0
 [v1.0.0]: https://github.com/terraform-aws-modules/terraform-aws-iam/compare/v0.5.0...v1.0.0
 [v0.5.0]: https://github.com/terraform-aws-modules/terraform-aws-iam/compare/v0.4.0...v0.5.0
 [v0.4.0]: https://github.com/terraform-aws-modules/terraform-aws-iam/compare/v0.3.0...v0.4.0

README.md

@@ -28,7 +28,8 @@ Terraform 0.11. Pin module version to `~> v1.0`. Submit pull-requests to `terraf
 `iam-account`:
 ```hcl
 module "iam_account" {
-  source = "terraform-aws-modules/iam/aws//modules/iam-account"
+  source  = "terraform-aws-modules/iam/aws//modules/iam-account"
+  version = "~> 2.0"
 
   account_alias = "awesome-company"
 
@@ -41,6 +42,7 @@ module "iam_account" {
 ```hcl
 module "iam_assumable_role" {
   source = "terraform-aws-modules/iam/aws//modules/iam-assumable-role"
+  version = "~> 2.0"
 
   trusted_role_arns = [
     "arn:aws:iam::307990089504:root",
@@ -62,7 +64,8 @@ module "iam_assumable_role" {
 `iam-assumable-roles`:
 ```hcl
 module "iam_assumable_roles" {
-  source = "terraform-aws-modules/iam/aws//modules/iam-assumable-roles"
+  source  = "terraform-aws-modules/iam/aws//modules/iam-assumable-roles"
+  version = "~> 2.0"
 
   trusted_role_arns = [
     "arn:aws:iam::307990089504:root",
@@ -82,7 +85,8 @@ module "iam_assumable_roles" {
 `iam-assumable-roles-with-saml`:
 ```hcl
 module "iam_assumable_roles_with_saml" {
-  source = "terraform-aws-modules/iam/aws//modules/iam-assumable-roles-with-saml"
+  source  = "terraform-aws-modules/iam/aws//modules/iam-assumable-roles-with-saml"
+  version = "~> 2.0"
 
   create_admin_role = true
 
@@ -99,7 +103,8 @@ module "iam_assumable_roles_with_saml" {
 `iam-user`:
 ```hcl
 module "iam_user" {
-  source = "terraform-aws-modules/iam/aws//modules/iam-user"
+  source  = "terraform-aws-modules/iam/aws//modules/iam-user"
+  version = "~> 2.0"
 
   name          = "vasya.pupkin"
   force_destroy = true
@@ -113,7 +118,8 @@ module "iam_user" {
 `iam-policy`:
 ```hcl
 module "iam_policy" {
-  source = "terraform-aws-modules/iam/aws//modules/iam-policy"
+  source  = "terraform-aws-modules/iam/aws//modules/iam-policy"
+  version = "~> 2.0"
 
   name        = "example"
   path        = "/"
@@ -139,7 +145,8 @@ EOF
 `iam-group-with-assumable-roles-policy`:
 ```hcl
 module "iam_group_with_assumable_roles_policy" {
-  source = "terraform-aws-modules/iam/aws//modules/iam-group-with-assumable-roles-policy"
+  source  = "terraform-aws-modules/iam/aws//modules/iam-group-with-assumable-roles-policy"
+  version = "~> 2.0"
 
   name = "production-readonly"
 
@@ -157,7 +164,8 @@ module "iam_group_with_assumable_roles_policy" {
 `iam-group-with-policies`:
 ```hcl
 module "iam_group_with_policies" {
-  source = "terraform-aws-modules/iam/aws//modules/iam-group-with-policies"
+  source  = "terraform-aws-modules/iam/aws//modules/iam-group-with-policies"
+  version = "~> 2.0"
 
   name = "superadmins"
 
@@ -175,7 +183,7 @@ module "iam_group_with_policies" {
   custom_group_policies = [
     {
       name   = "AllowS3Listing"
-      policy = "${data.aws_iam_policy_document.sample.json}"
+      policy = data.aws_iam_policy_document.sample.json
     }
   ]
 }

examples/iam-account/main.tf

@@ -8,7 +8,7 @@ provider "aws" {
 module "iam_account" {
   source = "../../modules/iam-account"
 
-  account_alias = "test-account-awesome-company"
+  account_alias = "new-test-account-awesome-company"
 
   minimum_password_length = 6
   require_numbers         = false

examples/iam-account/outputs.tf

@@ -1,9 +1,9 @@
 output "this_caller_identity_account_id" {
   description = "The ID of the AWS account"
-  value       = "${module.iam_account.this_caller_identity_account_id}"
+  value       = module.iam_account.this_caller_identity_account_id
 }
 
 output "this_iam_account_password_policy_expire_passwords" {
   description = "Indicates whether passwords in the account expire. Returns true if max_password_age contains a value greater than 0. Returns false if it is 0 or not present."
-  value       = "${module.iam_account.this_iam_account_password_policy_expire_passwords}"
+  value       = module.iam_account.this_iam_account_password_policy_expire_passwords
 }

examples/iam-assumable-role/outputs.tf

@@ -1,19 +1,19 @@
 output "this_iam_role_arn" {
   description = "ARN of IAM role"
-  value       = "${module.iam_assumable_role_admin.this_iam_role_arn}"
+  value       = module.iam_assumable_role_admin.this_iam_role_arn
 }
 
 output "this_iam_role_name" {
   description = "Name of IAM role"
-  value       = "${module.iam_assumable_role_admin.this_iam_role_name}"
+  value       = module.iam_assumable_role_admin.this_iam_role_name
 }
 
 output "this_iam_role_path" {
   description = "Path of IAM role"
-  value       = "${module.iam_assumable_role_admin.this_iam_role_path}"
+  value       = module.iam_assumable_role_admin.this_iam_role_path
 }
 
 output "role_requires_mfa" {
   description = "Whether admin IAM role requires MFA"
-  value       = "${module.iam_assumable_role_admin.role_requires_mfa}"
+  value       = module.iam_assumable_role_admin.role_requires_mfa
 }

examples/iam-assumable-roles-with-saml/main.tf

@@ -4,7 +4,7 @@ provider "aws" {
 
 resource "aws_iam_saml_provider" "idp_saml" {
   name                   = "idp_saml"
-  saml_metadata_document = "${file("saml-metadata.xml")}"
+  saml_metadata_document = file("saml-metadata.xml")
 }
 
 ###############################
@@ -21,8 +21,8 @@ module "iam_assumable_roles_with_saml" {
 
   create_readonly_role = true
 
-  provider_name = "${aws_iam_saml_provider.idp_saml.name}"
-  provider_id   = "${aws_iam_saml_provider.idp_saml.id}"
+  provider_name = aws_iam_saml_provider.idp_saml.name
+  provider_id   = aws_iam_saml_provider.idp_saml.id
 }
 
 #################################################################
@@ -35,6 +35,6 @@ module "iam_assumable_roles_with_saml_custom" {
   poweruser_role_name        = "Billing-And-Support-Access"
   poweruser_role_policy_arns = ["arn:aws:iam::aws:policy/job-function/Billing", "arn:aws:iam::aws:policy/AWSSupportAccess"]
 
-  provider_name = "${aws_iam_saml_provider.idp_saml.name}"
-  provider_id   = "${aws_iam_saml_provider.idp_saml.id}"
+  provider_name = aws_iam_saml_provider.idp_saml.name
+  provider_id   = aws_iam_saml_provider.idp_saml.id
 }

examples/iam-assumable-roles-with-saml/outputs.tf

@@ -1,47 +1,47 @@
 # Admin
 output "admin_iam_role_arn" {
   description = "ARN of admin IAM role"
-  value       = "${module.iam_assumable_roles_with_saml.admin_iam_role_arn}"
+  value       = module.iam_assumable_roles_with_saml.admin_iam_role_arn
 }
 
 output "admin_iam_role_name" {
   description = "Name of admin IAM role"
-  value       = "${module.iam_assumable_roles_with_saml.admin_iam_role_name}"
+  value       = module.iam_assumable_roles_with_saml.admin_iam_role_name
 }
 
 output "admin_iam_role_path" {
   description = "Path of admin IAM role"
-  value       = "${module.iam_assumable_roles_with_saml.admin_iam_role_path}"
+  value       = module.iam_assumable_roles_with_saml.admin_iam_role_path
 }
 
 # Poweruser
 output "poweruser_iam_role_arn" {
   description = "ARN of poweruser IAM role"
-  value       = "${module.iam_assumable_roles_with_saml.poweruser_iam_role_arn}"
+  value       = module.iam_assumable_roles_with_saml.poweruser_iam_role_arn
 }
 
 output "poweruser_iam_role_name" {
   description = "Name of poweruser IAM role"
-  value       = "${module.iam_assumable_roles_with_saml.poweruser_iam_role_name}"
+  value       = module.iam_assumable_roles_with_saml.poweruser_iam_role_name
 }
 
 output "poweruser_iam_role_path" {
   description = "Path of poweruser IAM role"
-  value       = "${module.iam_assumable_roles_with_saml.poweruser_iam_role_path}"
+  value       = module.iam_assumable_roles_with_saml.poweruser_iam_role_path
 }
 
 # Readonly
 output "readonly_iam_role_arn" {
   description = "ARN of readonly IAM role"
-  value       = "${module.iam_assumable_roles_with_saml.readonly_iam_role_arn}"
+  value       = module.iam_assumable_roles_with_saml.readonly_iam_role_arn
 }
 
 output "readonly_iam_role_name" {
   description = "Name of readonly IAM role"
-  value       = "${module.iam_assumable_roles_with_saml.readonly_iam_role_name}"
+  value       = module.iam_assumable_roles_with_saml.readonly_iam_role_name
 }
 
 output "readonly_iam_role_path" {
   description = "Path of readonly IAM role"
-  value       = "${module.iam_assumable_roles_with_saml.readonly_iam_role_path}"
+  value       = module.iam_assumable_roles_with_saml.readonly_iam_role_path
 }

examples/iam-assumable-roles/outputs.tf

@@ -1,62 +1,62 @@
 # Admin
 output "admin_iam_role_arn" {
   description = "ARN of admin IAM role"
-  value       = "${module.iam_assumable_roles.admin_iam_role_arn}"
+  value       = module.iam_assumable_roles.admin_iam_role_arn
 }
 
 output "admin_iam_role_name" {
   description = "Name of admin IAM role"
-  value       = "${module.iam_assumable_roles.admin_iam_role_name}"
+  value       = module.iam_assumable_roles.admin_iam_role_name
 }
 
 output "admin_iam_role_requires_mfa" {
   description = "Whether admin IAM role requires MFA"
-  value       = "${module.iam_assumable_roles.admin_iam_role_requires_mfa}"
+  value       = module.iam_assumable_roles.admin_iam_role_requires_mfa
 }
 
 output "admin_iam_role_path" {
   description = "Path of admin IAM role"
-  value       = "${module.iam_assumable_roles.admin_iam_role_path}"
+  value       = module.iam_assumable_roles.admin_iam_role_path
 }
 
 # Poweruser
 output "poweruser_iam_role_arn" {
   description = "ARN of poweruser IAM role"
-  value       = "${module.iam_assumable_roles.poweruser_iam_role_arn}"
+  value       = module.iam_assumable_roles.poweruser_iam_role_arn
 }
 
 output "poweruser_iam_role_name" {
   description = "Name of poweruser IAM role"
-  value       = "${module.iam_assumable_roles.poweruser_iam_role_name}"
+  value       = module.iam_assumable_roles.poweruser_iam_role_name
 }
 
 output "poweruser_iam_role_requires_mfa" {
   description = "Whether poweruser IAM role requires MFA"
-  value       = "${module.iam_assumable_roles.poweruser_iam_role_requires_mfa}"
+  value       = module.iam_assumable_roles.poweruser_iam_role_requires_mfa
 }
 
 output "poweruser_iam_role_path" {
   description = "Path of poweruser IAM role"
-  value       = "${module.iam_assumable_roles.poweruser_iam_role_path}"
+  value       = module.iam_assumable_roles.poweruser_iam_role_path
 }
 
 # Readonly
 output "readonly_iam_role_arn" {
   description = "ARN of readonly IAM role"
-  value       = "${module.iam_assumable_roles.readonly_iam_role_arn}"
+  value       = module.iam_assumable_roles.readonly_iam_role_arn
 }
 
 output "readonly_iam_role_name" {
   description = "Name of readonly IAM role"
-  value       = "${module.iam_assumable_roles.readonly_iam_role_name}"
+  value       = module.iam_assumable_roles.readonly_iam_role_name
 }
 
 output "readonly_iam_role_path" {
   description = "Path of readonly IAM role"
-  value       = "${module.iam_assumable_roles.readonly_iam_role_path}"
+  value       = module.iam_assumable_roles.readonly_iam_role_path
 }
 
 output "readonly_iam_role_requires_mfa" {
   description = "Whether readonly IAM role requires MFA"
-  value       = "${module.iam_assumable_roles.readonly_iam_role_requires_mfa}"
+  value       = module.iam_assumable_roles.readonly_iam_role_requires_mfa
 }

examples/iam-group-complete/main.tf

@@ -30,8 +30,8 @@ module "iam_group_complete" {
   assumable_roles = ["arn:aws:iam::111111111111:role/admin"]
 
   group_users = [
-    "${module.iam_user1.this_iam_user_name}",
-    "${module.iam_user2.this_iam_user_name}",
+    module.iam_user1.this_iam_user_name,
+    module.iam_user2.this_iam_user_name,
   ]
 }
 
@@ -41,7 +41,7 @@ module "iam_group_complete" {
 module "iam_group_complete_with_custom_policy" {
   source = "../../modules/iam-group-with-policies"
 
-  name = "${module.iam_group_complete.group_name}"
+  name = module.iam_group_complete.group_name
 
   create_group = false
 

examples/iam-group-complete/outputs.tf

@@ -1,14 +1,14 @@
 output "this_group_users" {
   description = "List of IAM users in IAM group"
-  value       = ["${module.iam_group_complete.this_group_users}"]
+  value       = module.iam_group_complete.this_group_users
 }
 
 output "this_assumable_roles" {
   description = "List of ARNs of IAM roles which members of IAM group can assume"
-  value       = ["${module.iam_group_complete.this_assumable_roles}"]
+  value       = module.iam_group_complete.this_assumable_roles
 }
 
 output "this_policy_arn" {
   description = "Assume role policy ARN for IAM group"
-  value       = "${module.iam_group_complete.this_policy_arn}"
+  value       = module.iam_group_complete.this_policy_arn
 }