GitHub - TheSoftwareHouse/aws-oidc-bitbucket: Terraform Module To Bootstrap AWS IAM Role For OIDC From Bitbucket

Requirements

Name	Version
aws	~> 5
tls	>= 4.0.3

Name	Version
aws	~> 5
tls	>= 4.0.3

Name	Source	Version
aws_oidc_bitbucket	./modules/aws-roles-oidc-bitbucket	n/a

Name	Type
aws_iam_openid_connect_provider.bitbucket	resource
tls_certificate.bitbucket	data source

Name	Description	Type	Default	Required
aud_value	Bitbucket Aud - ie. ari:cloud:bitbucket::workspace/{Workspace ID}	`string`	n/a	yes
bitbucket_tls_url	Bitbucket URL to perform TLS verification against. - https://api.bitbucket.org/2.0/workspaces/{WORKSPACE}/pipelines-config/identity/oidc	`string`	n/a	yes
max_session_duration	Maximum session duration in seconds. - by default assume role will be 15 minutes - when calling from actions you'll need to increase up to the maximum allowed hwere	`number`	`3600`	no
role_subject-repos_policies	role name to repos and policies mapping. role name as the key and object value for repo subjects ie "{REPOSITORY_UUID}[:{ENVIRONMENT_UUID}]:{STEP_UUID} or " as well as a list of policy arns ie ["Administrator"] and list of roles that can assume the new role for debugging	map(object({ role_path = optional(string) subject_repos = list(string) policy_arns = list(string) assume_role_names = optional(list(string)) }))	n/a	yes

Name	Description
bitbucket_oidc_provider_arn	OIDC Provider ARN To Use For Roles/Policies
bitbucket_oidc_provider_url	OIDC Provider URL To Use For Roles/Policies
iam_role_arns	Roles That Will Be Assumed By Bitbucket

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
modules/aws-roles-oidc-bitbucket		modules/aws-roles-oidc-bitbucket
README.md		README.md
main.tf		main.tf
output.tf		output.tf
variables.tf		variables.tf