From a4232160d36ca30b14a0cca9f7473dccc02c6ba5 Mon Sep 17 00:00:00 2001
From: kostas <kostavro@gmail.com>
Date: Thu, 15 Oct 2020 22:33:04 +0300
Subject: [PATCH] Add role description variable for assumable role with oidc

---
 modules/iam-assumable-role-with-oidc/README.md    | 1 +
 modules/iam-assumable-role-with-oidc/main.tf      | 1 +
 modules/iam-assumable-role-with-oidc/variables.tf | 6 ++++++
 3 files changed, 8 insertions(+)

diff --git a/modules/iam-assumable-role-with-oidc/README.md b/modules/iam-assumable-role-with-oidc/README.md
index 4678c1ed..ee9baa2f 100644
--- a/modules/iam-assumable-role-with-oidc/README.md
+++ b/modules/iam-assumable-role-with-oidc/README.md
@@ -33,6 +33,7 @@ This module supports IAM Roles for kubernetes service accounts as described in t
 | provider\_url | URL of the OIDC Provider. Use provider\_urls to specify several URLs. | `string` | `""` | no |
 | provider\_urls | List of URLs of the OIDC Providers | `list(string)` | `[]` | no |
 | role\_name | IAM role name | `string` | `""` | no |
+| role\_description | IAM Role description | `string` | `""` | no |
 | role\_path | Path of IAM role | `string` | `"/"` | no |
 | role\_permissions\_boundary\_arn | Permissions boundary ARN to use for IAM role | `string` | `""` | no |
 | role\_policy\_arns | List of ARNs of IAM policies to attach to IAM role | `list(string)` | `[]` | no |
diff --git a/modules/iam-assumable-role-with-oidc/main.tf b/modules/iam-assumable-role-with-oidc/main.tf
index 0f6a5a7c..698e8594 100644
--- a/modules/iam-assumable-role-with-oidc/main.tf
+++ b/modules/iam-assumable-role-with-oidc/main.tf
@@ -54,6 +54,7 @@ resource "aws_iam_role" "this" {
   count = var.create_role ? 1 : 0
 
   name                 = var.role_name
+  description          = var.role_description
   path                 = var.role_path
   max_session_duration = var.max_session_duration
 
diff --git a/modules/iam-assumable-role-with-oidc/variables.tf b/modules/iam-assumable-role-with-oidc/variables.tf
index 6c822d44..3d94fd30 100644
--- a/modules/iam-assumable-role-with-oidc/variables.tf
+++ b/modules/iam-assumable-role-with-oidc/variables.tf
@@ -34,6 +34,12 @@ variable "role_name" {
   default     = ""
 }
 
+variable "role_description" {
+  description = "IAM Role description"
+  type        = string
+  default     = ""
+}
+
 variable "role_path" {
   description = "Path of IAM role"
   type        = string