- Set up IAM Password Policy.
- Create default IAM roles for managing AWS account.
| Name | Version |
|---|---|
| terraform | >= 0.13 |
| aws | >= 4.3 |
| Name | Version |
|---|---|
| aws | >= 4.3 |
| Name | Description | Type | Required |
|---|---|---|---|
| support_iam_role_principal_arns | List of ARNs of the IAM principal elements by which the support role could be assumed. | list(any) |
yes |
| allow_users_to_change_password | Whether to allow users to change their own password. | bool |
no |
| create_password_policy | Define if the password policy should be created. | bool |
no |
| create_support_role | Define if the support role should be created. | bool |
no |
| max_password_age | The number of days that an user password is valid. | number |
no |
| minimum_password_length | Minimum length to require for user passwords. | number |
no |
| password_reuse_prevention | The number of previous passwords that users are prevented from reusing. | number |
no |
| permissions_boundary_arn | The permissions boundary ARN for all IAM Roles, provisioned by this module | string |
no |
| require_lowercase_characters | Whether to require lowercase characters for user passwords. | bool |
no |
| require_numbers | Whether to require numbers for user passwords. | bool |
no |
| require_symbols | Whether to require symbols for user passwords. | bool |
no |
| require_uppercase_characters | Whether to require uppercase characters for user passwords. | bool |
no |
| support_iam_role_name | The name of the the support role. | string |
no |
| tags | Specifies object tags key and value. This applies to all resources created by this module. | map(string) |
no |
| Name | Description |
|---|---|
| support_iam_role | The IAM role used for the support user. |