From 6d9959aabe17b1d909108d9bf0cb600fa5627e51 Mon Sep 17 00:00:00 2001
From: Adam Panzer
Date: Mon, 28 Mar 2022 14:08:34 -0700
Subject: [PATCH] Add support for linux and windows shell profiles.

---
 README.md | 3 +++
 example/examplea/module.ssm.tf | 1 +
 iam.tf | 6 +++---
 main.tf | 28 +++++++++++++++-------------
 variables.tf | 12 ++++++++++++
 vpce.tf | 2 +-
 6 files changed, 35 insertions(+), 17 deletions(-)

diff --git a/README.md b/README.md
index f48cb6d..b63ab8d 100644
--- a/README.md
+++ b/README.md
@@ -18,6 +18,7 @@ module "ssm" {
 access_log_bucket_name = "my-session-access-logs"
 enable_log_to_s3 = true
 enable_log_to_cloudwatch = true
+ linux_shell_profile = "date"
 }
 ```

@@ -117,6 +118,7 @@ No modules.
 | [enable\_log\_to\_s3](#input\_enable\_log\_to\_s3) | Enable Session Manager to Log to S3 | `bool` | `true` | no |
 | [kms\_key\_alias](#input\_kms\_key\_alias) | Alias prefix of the KMS key. Must start with alias/ followed by a name | `string` | `"alias/ssm-key"` | no |
 | [kms\_key\_deletion\_window](#input\_kms\_key\_deletion\_window) | Waiting period for scheduled KMS Key deletion. Can be 7-30 days. | `number` | `7` | no |
+| [linux\_shell\_profile](#input\_linux\_shell\_profile) | The ShellProfile to use for linux based machines. | `string` | `""` | no |
 | [log\_archive\_days](#input\_log\_archive\_days) | Number of days to wait before archiving to Glacier | `number` | `30` | no |
 | [log\_expire\_days](#input\_log\_expire\_days) | Number of days to wait before deleting | `number` | `365` | no |
 | [subnet\_ids](#input\_subnet\_ids) | Subnet Ids to deploy endpoints into | `set(string)` | `[]` | no |
@@ -124,6 +126,7 @@ No modules.
 | [vpc\_endpoint\_private\_dns\_enabled](#input\_vpc\_endpoint\_private\_dns\_enabled) | Enable private dns for endpoints | `bool` | `true` | no |
 | [vpc\_endpoints\_enabled](#input\_vpc\_endpoints\_enabled) | Create VPC Endpoints | `bool` | `false` | no |
 | [vpc\_id](#input\_vpc\_id) | VPC ID to deploy endpoints into | `string` | `null` | no |
+| [windows\_shell\_profile](#input\_windows\_shell\_profile) | The ShellProfile to use for windows based machines. | `string` | `""` | no |

 ## Outputs

diff --git a/example/examplea/module.ssm.tf b/example/examplea/module.ssm.tf
index f0cce4b..7ca2838 100644
--- a/example/examplea/module.ssm.tf
+++ b/example/examplea/module.ssm.tf
@@ -4,4 +4,5 @@ module "ssm" {
 access_log_bucket_name = "my-session-access-logs"
 enable_log_to_s3 = true
 enable_log_to_cloudwatch = true
+ linux_shell_profile = "date"
 }
diff --git a/iam.tf b/iam.tf
index 66069f5..6ff3333 100644
--- a/iam.tf
+++ b/iam.tf
@@ -128,9 +128,9 @@ data "aws_iam_policy_document" "ssm_s3_cwl_access" {
 }

 resource "aws_iam_policy" "ssm_s3_cwl_access" {
- name = "ssm_s3_cwl_access-${local.region}"
- path = "/"
- policy = data.aws_iam_policy_document.ssm_s3_cwl_access.json
+ name = "ssm_s3_cwl_access-${local.region}"
+ path = "/"
+ policy = data.aws_iam_policy_document.ssm_s3_cwl_access.json
 }

 resource "aws_iam_role_policy_attachment" "SSM-role-policy-attach" {
diff --git a/main.tf b/main.tf
index 1253118..11031a5 100644
--- a/main.tf
+++ b/main.tf
@@ -30,18 +30,20 @@ resource "aws_ssm_document" "session_manager_prefs" { document_format = "JSON" tags = var.tags content = <
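Review bot: The example in example/examplea/module.ssm.tf sets `linux_shell_profile = "date"` without a comment saying what the value is, and the README row added in the same patch only calls it "the ShellProfile". As far as I know, Session Manager runs the shell profile string as commands at the start of each session on the target, so whoever can set this input decides what runs in every operator's session. A one-line comment above the setting would make that visible, for example `# commands run at the start of every Session Manager session on Linux instances`. The main.tf hunk that places the value into the document JSON is cut off in this view, so it is worth checking there that quotes and newlines in the profile are escaped (for instance with `jsonencode`).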