Inputs

The following input variables are supported:

account_access_configuration

Description: Configuration for assigning access to various AWS accounts via Identity Center

Type:

map(object({
    account_id               = string
    superuser_groups         = list(string)
    admin_groups             = optional(list(string), [])
    reader_groups            = optional(list(string), [])
    restricted_reader_groups = optional(list(string), [])
    billing_admin_groups     = optional(list(string), [])
  }))

Default: n/a

session_duration_hours

Description: The number of hours that AWS sessions will last. This is NOT the time before needing to re-authenticate with your IdP, but rather the amount of time that AWS session tokens last before expiring.

Type: number

Default: 12

Outputs

The following outputs are exported:

cli_config

Description: To be used by the ‘pf-aws-update —build’ script

Providers

The following providers are needed by this module:

• aws (6.38.0)

• pf (0.0.7)