schubergphilis/terraform-aws-mcaf-gitlab-oidc
terraform-aws-mcaf-gitlab-oidc

Terraform module to configure GitLab as an IAM OIDC identity provider in AWS.

IMPORTANT: We do not pin modules to versions in our examples. We highly recommend that in your code you pin the version to the exact version you are using so that your infrastructure remains stable.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.3 |
| aws | >= 4.0.0 |
| tls | >= 4.0.0 |

Providers

| Name | Version |
|------|---------|
| aws | >= 4.0.0 |
| tls | >= 4.0.0 |

Modules

| Name | Source | Version |
|------|--------|---------|
| oidc_role | schubergphilis/mcaf-role/aws | ~> 0.4.0 |

Resources

| Name | Type |
|------|------|
| aws_iam_openid_connect_provider.gitlab | resource |
| aws_iam_policy_document.assume_role_policy | data source |
| tls_certificate.gitlab | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| iam_roles | Configuration for IAM roles; the key of the map is used as the IAM role name unless overridden by setting the `name` field. | `map(object({...}))` (full type below) | n/a | yes |
| gitlab_url | GitLab URL. The address of your GitLab instance, such as https://gitlab.com or https://gitlab.example.com. | `string` | `"https://gitlab.com"` | no |
| tags | A mapping of tags to assign to all resources. | `map(string)` | `null` | no |

Full type of `iam_roles`:

```hcl
map(object({
  description              = optional(string, "Role assumed by the Gitlab IAM OIDC provider")
  name                     = optional(string, null)
  path                     = optional(string, "/")
  permissions_boundary_arn = optional(string, "")
  policy                   = optional(string, null)
  policy_arns              = optional(set(string), [])

  subject_filter_allowed = object({
    path     = string
    ref_type = string
    ref      = string
  })
}))
```

Outputs

| Name | Description |
|------|-------------|
| iam_roles | Map of GitLab OIDC IAM role names to ARNs |
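The following is an added usage example, not code from the module's own README. It wires the inputs above together for two roles: one scoped to a protected branch with an inline least-privilege policy and a permissions boundary, and one read-only role that overrides the map key with an explicit `name`. It assumes the module is consumed from the Terraform registry as `schubergphilis/mcaf-gitlab-oidc/aws` (derived from the repository name; verify against the registry), the version string is a placeholder to be pinned as the README recommends, and the group/project path, bucket name, account id and boundary ARN are constructed sample values. The comment on `subject_filter_allowed` describes the documented shape of GitLab's OIDC `sub` claim, not the module's internals.

```hcl
# Added example; assumptions: registry source path, placeholder version,
# and constructed account/project/bucket names.

terraform {
  required_version = ">= 1.3"
  required_providers {
    aws = { source = "hashicorp/aws", version = ">= 4.0.0" }
    tls = { source = "hashicorp/tls", version = ">= 4.0.0" }
  }
}

provider "aws" {
  region = "eu-west-1"
}

# Inline least-privilege policy for the deploy role: only the artifact
# bucket the pipeline needs, nothing account-wide.
data "aws_iam_policy_document" "deploy" {
  statement {
    actions = ["s3:PutObject", "s3:GetObject", "s3:ListBucket"]
    resources = [
      "arn:aws:s3:::example-artifacts-bucket",   # constructed
      "arn:aws:s3:::example-artifacts-bucket/*", # constructed
    ]
  }
}

module "gitlab_oidc" {
  source  = "schubergphilis/mcaf-gitlab-oidc/aws" # assumed registry path
  version = "x.y.z"                               # placeholder: pin the exact release

  # Default shown explicitly; set to https://gitlab.example.com for self-hosted.
  gitlab_url = "https://gitlab.com"

  iam_roles = {
    # Map key becomes the IAM role name because `name` is not set.
    "gitlab-example-app-deploy" = {
      description              = "Deploys example-app from the main branch"
      path                     = "/ci/"
      permissions_boundary_arn = "arn:aws:iam::123456789012:policy/ci-boundary" # constructed
      policy                   = data.aws_iam_policy_document.deploy.json

      # GitLab's OIDC `sub` claim is
      #   project_path:<group>/<project>:ref_type:<branch|tag>:ref:<name>
      # so this trust is limited to jobs on branch main of one project.
      subject_filter_allowed = {
        path     = "example-group/example-app"
        ref_type = "branch"
        ref      = "main"
      }
    }

    # Explicit `name` overrides the map key; only a managed read-only policy.
    "gitlab-example-app-readonly-key" = {
      name        = "gitlab-example-app-readonly"
      policy_arns = ["arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"]

      subject_filter_allowed = {
        path     = "example-group/example-app"
        ref_type = "branch"
        ref      = "develop"
      }
    }
  }

  tags = {
    Team      = "platform"
    ManagedBy = "terraform"
  }
}

# Expose the role ARNs so they can be referenced from CI variables.
output "gitlab_role_arns" {
  value = module.gitlab_oidc.iam_roles
}
```

Each role's `subject_filter_allowed` is a required object, so every entry must name the project path, ref type and ref it trusts; keeping one role per project and ref keeps the blast radius of a leaked CI token to that pipeline's permissions.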

Licensing

100% Open Source and licensed under the Apache License Version 2.0. See LICENSE for full details.