Skip to content

README.md

Latest commit

 

History

History
81 lines (59 loc) · 26.2 KB

README.md

File metadata and controls

81 lines (59 loc) · 26.2 KB

Elastio Asset Account CloudFormation StackSet

See this README for more details on what this stack does.

This is a Terraform module, that is a thin wrapper on top of an aws_cloudformation_stack_set and aws_cloudformation_stack_instances resources used to deploy the Elastio Asset Account stack.

See the examples directory for some examples of how this module can be used:

Installation

Configure the Elastio terraform module registry, and add this to your project:

module "elastio_asset_account" {
  source  = "terraform.cloudsmith.io/public/elastio-asset-account-stack-set/aws"
  version = "0.33.1"

  // Provide input parameters
}

Requirements

Name Version
terraform ~> 1.9
aws ~> 5.0

Providers

Name Version
aws ~> 5.0

Modules

No modules.

Resources

Name Type
aws_cloudformation_stack_instances.this resource
aws_cloudformation_stack_set.this resource

Inputs

Name Description Type Default Required
administration_role_arn See docs here string null no
auto_deployment See docs here 
object({
 enabled = optional(bool)
 retain_stacks_on_account_removal = optional(bool)
 })
 null no
call_as See docs here string null no
deployment_targets The AWS Organizations accounts for which to create stack instances.

Specify deployment_targets only if you are using SERVICE_MANAGED permissions model.
If you are using the SELF_MANAGED permissions model specify accounts instead.

Details		 
object({
 account_filter_type = optional(string)
 accounts = optional(list(string))
 accounts_url = optional(string)
 organizational_unit_ids = optional(list(string))
 })
 null no
encrypt_with_cmk Provision an additional customer-managed KMS key to encrypt Lambda environment variables.
This increases the cost of the stack.		 bool false no
execution_role_name See docs here string null no
iam_resource_names_prefix Add a custom prefix to names of all IAM resources deployed by this stack. string "" no
iam_resource_names_suffix Add a custom prefix to names of all IAM resources deployed by this stack. string "" no
lambda_tracing Enable AWS X-Ray tracing for Lambda functions.
This increases the cost of the stack.		 bool false no
managed_execution See docs here 
object({
 active = optional(bool)
 })
 null no
operation_preferences See docs here 
object({
 concurrency_mode = optional(string)
 failure_tolerance_count = optional(number)
 failure_tolerance_percentage = optional(number)
 max_concurrent_count = optional(number)
 max_concurrent_percentage = optional(number)

 # Region settings are not supported, because
 # there must be at most one stack per account
 # in a single region.
 })
 null no
permission_model See docs here string null no
retain_stacks See docs here bool null no
stack_instances_region The AWS region where the Elastio Asset Account stack instances will be deployed.
It is just a single region because this stack is deployed only once per AWS account.		 string "us-east-1" no
stack_set_description The description of the CloudFormation StackSet. string "Elastio Asset Account StackSet creates IAM roles to link the AWS accounts with\nthe Elastio Connector. This allows the Elastio Connector to scan the assets\navailable in the account where the Elastio Asset Account stack instances are\ndeployed.\n" no
stack_set_name The name of the CloudFormation StackSet. string "ElastioAssetAccount" no
tags Additional tags to apply to all resources created by this stack. map(string) {} no
template_url The URL of the Elastio Asset Account CloudFormation template obtained from
the Elastio Portal.

This parameter is sensitive, because anyone who knows this URL can deploy
Elastio Account stack and linking it to your Elastio tenant.		 string n/a yes

Outputs

Name Description
stack_instances The outputs of the aws_cloudformation_stack_instances resource.
stack_set The outputs of the aws_cloudformation_stack_set resource.