# IRSA supporting sub module ## Requirements | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | | [aws](#requirement\_aws) | >= 3.72 | ## Providers | Name | Version | |------|---------| | [aws](#provider\_aws) | >= 3.72 | ## Modules No modules. ## Resources | Name | Type | |------|------| | [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | | [aws_iam_role_policy_attachment.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | | [aws_iam_policy_document.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | [allow\_self\_assume\_role](#input\_allow\_self\_assume\_role) | Determines whether to allow the role to be [assume itself](https://aws.amazon.com/blogs/security/announcing-an-update-to-iam-role-trust-policy-behavior/) | `bool` | `false` | no | | [assume\_role\_condition\_test](#input\_assume\_role\_condition\_test) | Name of the [IAM condition operator](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html) to evaluate when assuming the role | `string` | `"StringEquals"` | no | | [create](#input\_create) | Controls if resources should be created (affects all resources) | `bool` | `true` | no | | [create\_role](#input\_create\_role) | Whether to create a role | `bool` | `false` | no | | [force\_detach\_policies](#input\_force\_detach\_policies) | Whether policies should be detached from this role when destroying | `bool` | `true` | no | | [max\_session\_duration](#input\_max\_session\_duration) | Maximum CLI/API session duration in seconds between 3600 and 43200 | `number` | `null` | no | | [name](#input\_name) | Name of the Helm release | `string` | `""` | no | | [oidc\_providers](#input\_oidc\_providers) | Map of OIDC providers where each provider map should contain the `provider_arn`, and `service_accounts` | `any` | `{}` | no | | [role\_description](#input\_role\_description) | IAM Role description | `string` | `null` | no | | [role\_name](#input\_role\_name) | Name of IAM role | `string` | `null` | no | | [role\_name\_use\_prefix](#input\_role\_name\_use\_prefix) | Determines whether the IAM role name (`role_name`) is used as a prefix | `bool` | `true` | no | | [role\_path](#input\_role\_path) | Path of IAM role | `string` | `"/"` | no | | [role\_permissions\_boundary\_arn](#input\_role\_permissions\_boundary\_arn) | Permissions boundary ARN to use for IAM role | `string` | `null` | no | | [role\_policy\_arns](#input\_role\_policy\_arns) | ARNs of any policies to attach to the IAM role | `map(string)` | `{}` | no | | [tags](#input\_tags) | A map of tags to add the the IAM role | `map(any)` | `{}` | no | ## Outputs | Name | Description | |------|-------------| | [iam\_role\_arn](#output\_iam\_role\_arn) | ARN of IAM role | | [iam\_role\_name](#output\_iam\_role\_name) | Name of IAM role | | [iam\_role\_path](#output\_iam\_role\_path) | Path of IAM role | | [iam\_role\_unique\_id](#output\_iam\_role\_unique\_id) | Unique ID of IAM role |