diff --git a/asset-account/terraform/cloudformation-stack/.module.toml b/asset-account/terraform/cloudformation-stack/.module.toml index fc02894..30ecafa 100644 --- a/asset-account/terraform/cloudformation-stack/.module.toml +++ b/asset-account/terraform/cloudformation-stack/.module.toml @@ -1,5 +1,6 @@ [module] -name = "aws-elastio-asset-account-cloudformation-stack" +name = "aws-elastio-asset-account-cloudformation-stack" +version = "1.0.0" + description = "Terraform module for creating the Elastio Asset Account CloudFormation stack" -type = "terraform" -version = "0.33.1" +type = "terraform" diff --git a/asset-account/terraform/cloudformation-stack/README.md b/asset-account/terraform/cloudformation-stack/README.md index d38b606..9b963d5 100644 --- a/asset-account/terraform/cloudformation-stack/README.md +++ b/asset-account/terraform/cloudformation-stack/README.md @@ -13,7 +13,7 @@ See the basic [usage example](./examples/basic/main.tf). ```tf module "elastio_asset_account" { source = "terraform.cloudsmith.io/public/elastio-asset-account-cloudformation-stack/aws" - version = "0.33.1" + version = "1.0.0" // Provide input parameters } @@ -26,13 +26,13 @@ module "elastio_asset_account" { | Name | Version | | ------------------------------------------------------------------------ | ------- | | [terraform](#requirement_terraform) | ~> 1.9 | -| [aws](#requirement_aws) | ~> 5.0 | +| [aws](#requirement_aws) | >= 5.0 | ## Providers | Name | Version | | ------------------------------------------------ | ------- | -| [aws](#provider_aws) | ~> 5.0 | +| [aws](#provider_aws) | >= 5.0 | ## Modules 
@@ -46,22 +46,18 @@ No modules. ## Inputs -| Name | Description | Type | Default | Required | -| ------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------------- | ----------------------- | :------: | -| [disable_rollback](#input_disable_rollback) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#disable_rollback-1) | `bool` | `null` | no | -| [encrypt_with_cmk](#input_encrypt_with_cmk) | Provision an additional customer-managed KMS key to encrypt Lambda environment variables.
This increases the cost of the stack. | `bool` | `false` | no | -| [iam_resource_names_prefix](#input_iam_resource_names_prefix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | -| [iam_resource_names_suffix](#input_iam_resource_names_suffix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | -| [iam_role_arn](#input_iam_role_arn) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#iam_role_arn-1) | `string` | `null` | no | -| [lambda_tracing](#input_lambda_tracing) | Enable AWS X-Ray tracing for Lambda functions.
This increases the cost of the stack. | `bool` | `false` | no | -| [notification_arns](#input_notification_arns) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#notification_arns-1) | `list(string)` | `null` | no | -| [on_failure](#input_on_failure) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#on_failure-1) | `string` | `null` | no | -| [policy_body](#input_policy_body) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#policy_body-1) | `string` | `null` | no | -| [policy_url](#input_policy_url) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#policy_url-1) | `string` | `null` | no | -| [stack_name](#input_stack_name) | The name of the CloudFormation StackSet. | `string` | `"ElastioAssetAccount"` | no | -| [tags](#input_tags) | Additional tags to apply to all resources created by this stack. | `map(string)` | `{}` | no | -| [template_url](#input_template_url) | The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant. | `string` | n/a | yes | -| [timeout_in_minutes](#input_timeout_in_minutes) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#timeout_in_minutes-1) | `number` | `null` | no | +| Name | Description | Type | Default | Required | +| --------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------------- | ----------------------- | :------: | +| [disable_rollback](#input_disable_rollback) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#disable_rollback-1) | `bool` | `null` | no | +| [iam_role_arn](#input_iam_role_arn) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#iam_role_arn-1) | `string` | `null` | no | +| [notification_arns](#input_notification_arns) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#notification_arns-1) | `list(string)` | `null` | no | +| [on_failure](#input_on_failure) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#on_failure-1) | `string` | `null` | no | +| [policy_body](#input_policy_body) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#policy_body-1) | `string` | `null` | no | +| [policy_url](#input_policy_url) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#policy_url-1) | `string` | `null` | no | +| [stack_name](#input_stack_name) | The name of the 
CloudFormation StackSet. | `string` | `"ElastioAssetAccount"` | no | +| [tags](#input_tags) | Additional tags to apply to all resources created by this stack. | `map(string)` | `{}` | no | +| [template_url](#input_template_url) | The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant. | `string` | n/a | yes | +| [timeout_in_minutes](#input_timeout_in_minutes) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack#timeout_in_minutes-1) | `number` | `null` | no | ## Outputs diff --git a/asset-account/terraform/cloudformation-stack/examples/advanced/main.tf b/asset-account/terraform/cloudformation-stack/examples/advanced/main.tf index bb43035..71e0ee0 100644 --- a/asset-account/terraform/cloudformation-stack/examples/advanced/main.tf +++ b/asset-account/terraform/cloudformation-stack/examples/advanced/main.tf @@ -1,9 +1,8 @@ module "elastio_asset_account" { source = "../../" - template_url = var.template_url - encrypt_with_cmk = true - iam_role_arn = time_sleep.iam.triggers.deployer_role_arn + template_url = var.template_url + iam_role_arn = time_sleep.iam.triggers.deployer_role_arn } resource "aws_iam_role" "deployer" { diff --git a/asset-account/terraform/cloudformation-stack/main.tf b/asset-account/terraform/cloudformation-stack/main.tf index c7575e2..a7baaa6 100644 --- a/asset-account/terraform/cloudformation-stack/main.tf +++ b/asset-account/terraform/cloudformation-stack/main.tf @@ -12,14 +12,4 @@ resource "aws_cloudformation_stack" "this" { policy_url = var.policy_url iam_role_arn = var.iam_role_arn timeout_in_minutes = var.timeout_in_minutes - - parameters = { - for key, value in { - iamResourceNamesPrefix = var.iam_resource_names_prefix - iamResourceNamesSuffix = var.iam_resource_names_suffix - encryptWithCmk = var.encrypt_with_cmk - lambdaTracing = var.lambda_tracing - } : - key => tostring(value) - } } diff --git a/asset-account/terraform/cloudformation-stack/variables.tf b/asset-account/terraform/cloudformation-stack/variables.tf index f26be64..13c1435 100644 --- a/asset-account/terraform/cloudformation-stack/variables.tf +++ b/asset-account/terraform/cloudformation-stack/variables.tf 
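Review bot: Removing `encrypt_with_cmk = true` from the advanced example, together with the `parameters` map deleted from `main.tf` in the next hunk, leaves the module with no input for requesting customer-managed KMS encryption of Lambda environment variables, and nothing in the change says where that setting lives now. The same removal is made in `stack-set/main.tf`, which also drops the `lifecycle.ignore_changes` entries for the internal parameters. For a 1.0.0 release I would add an upgrade note to both READMEs stating how `encryptWithCmk`, `lambdaTracing` and the IAM name prefix/suffix are supplied after this change (presumably through the template obtained from the Elastio Portal; that is inferred, not shown here), and telling upgraders to check the `terraform plan` output for parameter changes on the existing stack before applying. The `resource "aws_iam_role" "deployer"` block in the example continues outside the hunk.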
@@ -31,9 +31,9 @@ variable "tags" { variable "stack_name" { description = "The name of the CloudFormation StackSet." - type = string - nullable = false - default = "ElastioAssetAccount" + type = string + nullable = false + default = "ElastioAssetAccount" } variable "disable_rollback" { @@ -84,49 +84,3 @@ variable "timeout_in_minutes" { type = number default = null } - -##################################################### -## Optional parameters of the CloudFormation stack ## -##################################################### - -variable "iam_resource_names_prefix" { - description = <<-DESCR - Add a custom prefix to names of all IAM resources deployed by this stack. - DESCR - - type = string - nullable = false - default = "" -} - -variable "iam_resource_names_suffix" { - description = <<-DESCR - Add a custom prefix to names of all IAM resources deployed by this stack. - DESCR - - type = string - nullable = false - default = "" -} - -variable "encrypt_with_cmk" { - description = <<-DESCR - Provision an additional customer-managed KMS key to encrypt Lambda environment variables. - This increases the cost of the stack. - DESCR - - type = bool - nullable = false - default = false -} - -variable "lambda_tracing" { - description = <<-DESCR - Enable AWS X-Ray tracing for Lambda functions. - This increases the cost of the stack. - DESCR - - type = bool - nullable = false - default = false -} diff --git a/asset-account/terraform/cloudformation-stack/versions.tf b/asset-account/terraform/cloudformation-stack/versions.tf index 851b004..21e5958 100644 --- a/asset-account/terraform/cloudformation-stack/versions.tf +++ b/asset-account/terraform/cloudformation-stack/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "~> 5.0" + version = ">= 5.0" } } } diff --git a/asset-account/terraform/stack-set/.module.toml b/asset-account/terraform/stack-set/.module.toml index 194b969..39e2ef1 100644 
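Review bot: `version = ">= 5.0"` in `versions.tf` has no upper bound, so a root module without a committed `.terraform.lock.hcl` resolves to the newest AWS provider major available at `terraform init`, including releases this module has not been exercised against. A minimum-only constraint is the usual choice for a reusable module, so the constraint can stay; what is missing is a statement of that intent. I would add a comment above the line, `# Lower bound only: callers pin the exact provider version in .terraform.lock.hcl`. `stack-set/versions.tf` is not touched in the visible diff, so the two modules may now carry different provider constraints; that is worth confirming. The `terraform` block starts outside the hunk.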
--- a/asset-account/terraform/stack-set/.module.toml +++ b/asset-account/terraform/stack-set/.module.toml @@ -1,5 +1,6 @@ [module] -name = "aws-elastio-asset-account-stack-set" +name = "aws-elastio-asset-account-stack-set" +version = "1.0.0" + description = "Terraform module for creating the Elastio Asset Account CloudFormation StackSet" -type = "terraform" -version = "0.33.2" +type = "terraform" diff --git a/asset-account/terraform/stack-set/README.md b/asset-account/terraform/stack-set/README.md index 0d69acc..3079890 100644 --- a/asset-account/terraform/stack-set/README.md +++ b/asset-account/terraform/stack-set/README.md @@ -16,7 +16,7 @@ See the `examples` directory for some examples of how this module can be used: ```tf module "elastio_asset_account" { source = "terraform.cloudsmith.io/public/elastio-asset-account-stack-set/aws" - version = "0.33.2" + version = "1.0.0" // Provide input parameters } 
@@ -50,26 +50,22 @@ No modules. ## Inputs -| Name | Description | Type | Default | Required | -| ------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | -| [administration_role_arn](#input_administration_role_arn) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#administration_role_arn-1) | `string` | `null` | no | -| [auto_deployment](#input_auto_deployment) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#auto_deployment-1) |
object({
enabled = optional(bool)
retain_stacks_on_account_removal = optional(bool)
})
| `null` | no | -| [call_as](#input_call_as) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#call_as-1) | `string` | `null` | no | -| [deployment_targets](#input_deployment_targets) | The AWS Organizations accounts for which to create stack instances.

Specify `deployment_targets` only if you are using `SERVICE_MANAGED` permissions model.
If you are using the `SELF_MANAGED` permissions model specify `accounts` instead.

[Details](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#deployment_targets) |
object({
account_filter_type = optional(string)
accounts = optional(list(string))
accounts_url = optional(string)
organizational_unit_ids = optional(list(string))
})
| `null` | no | -| [encrypt_with_cmk](#input_encrypt_with_cmk) | Provision an additional customer-managed KMS key to encrypt Lambda environment variables.
This increases the cost of the stack. | `bool` | `false` | no | -| [execution_role_name](#input_execution_role_name) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#execution_role_name-1) | `string` | `null` | no | -| [iam_resource_names_prefix](#input_iam_resource_names_prefix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | -| [iam_resource_names_suffix](#input_iam_resource_names_suffix) | Add a custom prefix to names of all IAM resources deployed by this stack. | `string` | `""` | no | -| [lambda_tracing](#input_lambda_tracing) | Enable AWS X-Ray tracing for Lambda functions.
This increases the cost of the stack. | `bool` | `false` | no | -| [managed_execution](#input_managed_execution) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#managed_execution-1) |
object({
active = optional(bool)
})
| `null` | no | -| [operation_preferences](#input_operation_preferences) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#operation_preferences) |
object({
concurrency_mode = optional(string)
failure_tolerance_count = optional(number)
failure_tolerance_percentage = optional(number)
max_concurrent_count = optional(number)
max_concurrent_percentage = optional(number)

# Region settings are not supported, because
# there must be at most one stack per account
# in a single region.
})
| `null` | no | -| [permission_model](#input_permission_model) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#permission_model-1) | `string` | `null` | no | -| [retain_stacks](#input_retain_stacks) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#retain_stacks-1) | `bool` | `null` | no | -| [stack_instances_region](#input_stack_instances_region) | The AWS region where the Elastio Asset Account stack instances will be deployed.
It is just a single region because this stack is deployed only once per AWS account. | `string` | `"us-east-1"` | no | -| [stack_set_description](#input_stack_set_description) | The description of the CloudFormation StackSet. | `string` | `"Elastio Asset Account StackSet creates IAM roles to link the AWS accounts with\nthe Elastio Connector. This allows the Elastio Connector to scan the assets\navailable in the account where the Elastio Asset Account stack instances are\ndeployed.\n"` | no | -| [stack_set_name](#input_stack_set_name) | The name of the CloudFormation StackSet. | `string` | `"ElastioAssetAccount"` | no | -| [tags](#input_tags) | Additional tags to apply to all resources created by this stack. | `map(string)` | `{}` | no | -| [template_url](#input_template_url) | The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant. | `string` | n/a | yes | +| Name | Description | Type | Default | Required | +| ------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :------: | +| [administration_role_arn](#input_administration_role_arn) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#administration_role_arn-1) | `string` | `null` | no | +| [auto_deployment](#input_auto_deployment) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#auto_deployment-1) |
object({
enabled = optional(bool)
retain_stacks_on_account_removal = optional(bool)
})
| `null` | no | +| [call_as](#input_call_as) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#call_as-1) | `string` | `null` | no | +| [deployment_targets](#input_deployment_targets) | The AWS Organizations accounts for which to create stack instances.

Specify `deployment_targets` only if you are using `SERVICE_MANAGED` permissions model.
If you are using the `SELF_MANAGED` permissions model specify `accounts` instead.

[Details](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#deployment_targets) |
object({
account_filter_type = optional(string)
accounts = optional(list(string))
accounts_url = optional(string)
organizational_unit_ids = optional(list(string))
})
| `null` | no | +| [execution_role_name](#input_execution_role_name) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#execution_role_name-1) | `string` | `null` | no | +| [managed_execution](#input_managed_execution) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#managed_execution-1) |
object({
active = optional(bool)
})
| `null` | no | +| [operation_preferences](#input_operation_preferences) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#operation_preferences) |
object({
concurrency_mode = optional(string)
failure_tolerance_count = optional(number)
failure_tolerance_percentage = optional(number)
max_concurrent_count = optional(number)
max_concurrent_percentage = optional(number)

# Region settings are not supported, because
# there must be at most one stack per account
# in a single region.
})
| `null` | no | +| [permission_model](#input_permission_model) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set#permission_model-1) | `string` | `null` | no | +| [retain_stacks](#input_retain_stacks) | [See docs here](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_instances#retain_stacks-1) | `bool` | `null` | no | +| [stack_instances_region](#input_stack_instances_region) | The AWS region where the Elastio Asset Account stack instances will be deployed.
It is just a single region because this stack is deployed only once per AWS account. | `string` | `"us-east-1"` | no | +| [stack_set_description](#input_stack_set_description) | The description of the CloudFormation StackSet. | `string` | `"Elastio Asset Account StackSet creates IAM roles to link the AWS accounts with\nthe Elastio Connector. This allows the Elastio Connector to scan the assets\navailable in the account where the Elastio Asset Account stack instances are\ndeployed.\n"` | no | +| [stack_set_name](#input_stack_set_name) | The name of the CloudFormation StackSet. | `string` | `"ElastioAssetAccount"` | no | +| [tags](#input_tags) | Additional tags to apply to all resources created by this stack. | `map(string)` | `{}` | no | +| [template_url](#input_template_url) | The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant. | `string` | n/a | yes | ## Outputs diff --git a/asset-account/terraform/stack-set/main.tf b/asset-account/terraform/stack-set/main.tf index 54d33d4..be3ea77 100644 --- a/asset-account/terraform/stack-set/main.tf +++ b/asset-account/terraform/stack-set/main.tf @@ -35,26 +35,6 @@ resource "aws_cloudformation_stack_set" "this" { max_concurrent_percentage = operation_preferences.value.max_concurrent_percentage } } - - parameters = { - for key, value in { - iamResourceNamesPrefix = var.iam_resource_names_prefix - iamResourceNamesSuffix = var.iam_resource_names_suffix - encryptWithCmk = var.encrypt_with_cmk - lambdaTracing = var.lambda_tracing - } : - key => tostring(value) - } - - # Ignore some internal parameter values - lifecycle { - ignore_changes = [ - parameters["cloudConnectorAccountId"], - parameters["cloudConnectorRoleExternalId"], - parameters["deploymentNotificationToken"], - parameters["deploymentNotificationTopicArn"], - ] - } } resource "aws_cloudformation_stack_instances" "this" { diff --git a/asset-account/terraform/stack-set/variables.tf b/asset-account/terraform/stack-set/variables.tf index a450a59..3c293b6 100644 --- a/asset-account/terraform/stack-set/variables.tf +++ b/asset-account/terraform/stack-set/variables.tf 
@@ -167,49 +167,3 @@ variable "retain_stacks" { type = bool default = null } - -###################################################### -## Optional parameters of the CloudFormation stacks ## -###################################################### - -variable "iam_resource_names_prefix" { - description = <<-DESCR - Add a custom prefix to names of all IAM resources deployed by this stack. - DESCR - - type = string - nullable = false - default = "" -} - -variable "iam_resource_names_suffix" { - description = <<-DESCR - Add a custom prefix to names of all IAM resources deployed by this stack. - DESCR - - type = string - nullable = false - default = "" -} - -variable "encrypt_with_cmk" { - description = <<-DESCR - Provision an additional customer-managed KMS key to encrypt Lambda environment variables. - This increases the cost of the stack. - DESCR - - type = bool - nullable = false - default = false -} - -variable "lambda_tracing" { - description = <<-DESCR - Enable AWS X-Ray tracing for Lambda functions. - This increases the cost of the stack. - DESCR - - type = bool - nullable = false - default = false -}