Skip to content

Commit 178d44b

Browse files
VeetahaVeetaha
committed
Remove the no longer used support role expiration date variable
1 parent 1fabadf commit 178d44b

File tree

6 files changed

+0
-42
lines changed

6 files changed

+0
-42
lines changed

connector/terraform/README.md

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -123,7 +123,6 @@ No resources.
123123
| <a name="input_lambda_tracing"></a> [lambda_tracing](#input_lambda_tracing) | Enable AWS X-Ray tracing for Lambda functions. This increases the cost of<br/> the stack. Enable only if needed | `bool` | `null` | no |
124124
| <a name="input_network_configuration"></a> [network_configuration](#input_network_configuration) | Can be set to either `Auto` or `Manual`. If set to `Auto`, Elastio will<br/> automatically create a VPC and subnets in the specified regions for the<br/> scan clusters to run in.<br/><br/> If set to `Manual`, you must provide the VPC ID and subnet IDs in the<br/> `elastio_cloud_connectors` with the network config for each region. | `string` | `"Auto"` | no |
125125
| <a name="input_service_linked_roles"></a> [service_linked_roles](#input_service_linked_roles) | By default the CFN stack creates the service-linked IAM roles needed by the stack.<br/> Since these are global in your account, they can't be defined as regular resources<br/> in the CFN, because these roles may already exist in your account and thus<br/> the deployment would fail on a name conflict.<br/><br/> Instead, by default, they are deployed using an AWS::CloudFormation::CustomResource<br/> which invokes an AWS Lambda function that creates the service-linked roles only if<br/> they don't exist and doesn't fail if they do.<br/><br/> The default approach of creating the service-linked roles via the CFN requires<br/> creating a lambda function in your environment that has IAM write permission of<br/> `iam:CreateServiceLinkedRole`. If you can't afford creating such a lambda function<br/> then set this parameter to `tf` and this terraform module will create the<br/> service-linked roles without the need for a lambda function.<br/><br/> If you set this to `tf`, then make sure you have the AWS CLI installed and<br/> configured with the necessary credentials on the machine where you run terraform. | `string` | `"cfn"` | no |
126-
| <a name="input_support_role_expiration_date"></a> [support_role_expiration_date](#input_support_role_expiration_date) | Specifies a date when the ElastioSupport role will be disabled. This role<br/> contains only the permissions necessary for managing the resources deployed<br/> by Elastio and it grants no write access to the resources owned by you.<br/> If this role is enabled Elastio will be able to provide support for this<br/> Connector to keep it in a healthy state. However, if you don't want this<br/> role to be enabled, leave this empty. To enable this support role but only<br/> for a defined period of time, enter an expiration date and time in this field,<br/> in which case Elastio support personnel will be able to use this role but only<br/> until the specified date.<br/> The date must be in the format YYYY-MM-DDTHH:MM:SSZ.<br/> Example value: 2020-04-01T14:20:30Z. | `string` | `null` | no |
127126

128127
## Outputs
129128

connector/terraform/main.tf

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,6 @@ module "account" {
2121
iam_resource_names_static = var.iam_resource_names_static
2222
disable_customer_managed_iam_policies = var.disable_customer_managed_iam_policies
2323
service_linked_roles = var.service_linked_roles
24-
support_role_expiration_date = var.support_role_expiration_date
2524
ecr_public_prefix = var.ecr_public_prefix
2625
network_configuration = var.network_configuration
2726
}

connector/terraform/modules/account/README.md

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -65,7 +65,6 @@ No modules.
6565
| <a name="input_network_configuration"></a> [network_configuration](#input_network_configuration) | Can be set to either `Auto` or `Manual`. If set to `Auto`, Elastio will<br/> automatically create a VPC and subnets in the specified regions for the<br/> scan clusters to run in.<br/><br/> If set to `Manual`, you must provide the `vpc_id` and `subnet_ids` in the<br/> `region` module with the network config for each region. | `string` | `"Auto"` | no |
6666
| <a name="input_regional_configs"></a> [regional_configs](#input_regional_configs) | Regional configurations for connectors (mostly for regulatory compliance). | <pre>list(object({<br/> region = string<br/><br/> s3_access_logging = optional(object({<br/> target_bucket = string<br/> target_prefix = optional(string)<br/><br/> # Can be one of the following:<br/> # - SimplePrefix<br/> # - PartitionedPrefix:EventTime<br/> # - PartitionedPrefix:DeliveryTime<br/> target_object_key_format = optional(string)<br/> }))<br/> }))</pre> | `[]` | no |
6767
| <a name="input_service_linked_roles"></a> [service_linked_roles](#input_service_linked_roles) | By default the CFN stack creates the service-linked IAM roles needed by the stack.<br/> Since these are global in your account, they can't be defined as regular resources<br/> in the CFN, because these roles may already exist in your account and thus<br/> the deployment would fail on a name conflict.<br/><br/> Instead, by default, they are deployed using an AWS::CloudFormation::CustomResource<br/> which invokes an AWS Lambda function that creates the service-linked roles only if<br/> they don't exist and doesn't fail if they do.<br/><br/> The default approach of creating the service-linked roles via the CFN requires<br/> creating a lambda function in your environment that has IAM write permission of<br/> `iam:CreateServiceLinkedRole`. If you can't afford creating such a lambda function<br/> then set this parameter to `tf` and this terraform module will create the<br/> service-linked roles without the need for a lambda function.<br/><br/> If you set this to `tf`, then make sure you have the AWS CLI installed and<br/> configured with the necessary credentials on the machine where you run terraform. | `string` | `"cfn"` | no |
68-
| <a name="input_support_role_expiration_date"></a> [support_role_expiration_date](#input_support_role_expiration_date) | Specifies a date when the ElastioSupport role will be disabled. This role<br/> contains only the permissions necessary for managing the resources deployed<br/> by Elastio and it grants no write access to the resources owned by you.<br/> If this role is enabled Elastio will be able to provide support for this<br/> Connector to keep it in a healthy state. However, if you don't want this<br/> role to be enabled, leave this empty. To enable this support role but only<br/> for a defined period of time, enter an expiration date and time in this field,<br/> in which case Elastio support personnel will be able to use this role but only<br/> until the specified date.<br/> The date must be in the format YYYY-MM-DDTHH:MM:SSZ.<br/> Example value: 2020-04-01T14:20:30Z. | `string` | `null` | no |
6968

7069
## Outputs
7170

connector/terraform/modules/account/main.tf

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,6 @@ locals {
3737
iamResourceNamesStatic = var.iam_resource_names_static
3838
disableCustomerManagedIamPolicies = var.disable_customer_managed_iam_policies
3939
disableServiceLinkedRolesCreation = var.service_linked_roles == "tf"
40-
supportRoleExpirationDate = var.support_role_expiration_date
4140
ecrPublicPrefix = var.ecr_public_prefix
4241
networkConfiguration = var.network_configuration
4342
}

connector/terraform/modules/account/variables.tf

Lines changed: 0 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -185,25 +185,6 @@ variable "service_linked_roles" {
185185
}
186186
}
187187

188-
variable "support_role_expiration_date" {
189-
description = <<DESCR
190-
Specifies a date when the ElastioSupport role will be disabled. This role
191-
contains only the permissions necessary for managing the resources deployed
192-
by Elastio and it grants no write access to the resources owned by you.
193-
If this role is enabled Elastio will be able to provide support for this
194-
Connector to keep it in a healthy state. However, if you don't want this
195-
role to be enabled, leave this empty. To enable this support role but only
196-
for a defined period of time, enter an expiration date and time in this field,
197-
in which case Elastio support personnel will be able to use this role but only
198-
until the specified date.
199-
The date must be in the format YYYY-MM-DDTHH:MM:SSZ.
200-
Example value: 2020-04-01T14:20:30Z.
201-
DESCR
202-
203-
type = string
204-
default = null
205-
}
206-
207188
variable "ecr_public_prefix" {
208189
description = <<DESCR
209190
Repository prefix for the ECR Public registry. Used to configure a pull-through

connector/terraform/variables.tf

Lines changed: 0 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -211,25 +211,6 @@ variable "service_linked_roles" {
211211
}
212212
}
213213

214-
variable "support_role_expiration_date" {
215-
description = <<DESCR
216-
Specifies a date when the ElastioSupport role will be disabled. This role
217-
contains only the permissions necessary for managing the resources deployed
218-
by Elastio and it grants no write access to the resources owned by you.
219-
If this role is enabled Elastio will be able to provide support for this
220-
Connector to keep it in a healthy state. However, if you don't want this
221-
role to be enabled, leave this empty. To enable this support role but only
222-
for a defined period of time, enter an expiration date and time in this field,
223-
in which case Elastio support personnel will be able to use this role but only
224-
until the specified date.
225-
The date must be in the format YYYY-MM-DDTHH:MM:SSZ.
226-
Example value: 2020-04-01T14:20:30Z.
227-
DESCR
228-
229-
type = string
230-
default = null
231-
}
232-
233214
variable "ecr_public_prefix" {
234215
description = <<DESCR
235216
Repository prefix for the ECR Public registry. Used to configure a pull-through

0 commit comments

Comments
 (0)