Merge pull request #11 from geekcell/fix/deal-with-long-names-in-iam-roles

fix: Deal with longer iam role names

Author: ckappen

modules/metrics_firehose/README.md

@@ -21,6 +21,7 @@ for more information.
 | <a name="input_s3_noncurrent_version_expiration"></a> [s3\_noncurrent\_version\_expiration](#input\_s3\_noncurrent\_version\_expiration) | Number of days non-current versions of objects will remain in the S3 Metric Stream Backup bucket. | `number` | `30` | no |
 | <a name="input_s3_versioning"></a> [s3\_versioning](#input\_s3\_versioning) | Enable S3 Versioning for the S3 Metric Stream Backup bucket. | `string` | `"Enabled"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to add to the created resources. | `map(any)` | `{}` | no |
+| <a name="input_use_name_prefix"></a> [use\_name\_prefix](#input\_use\_name\_prefix) | Use name prefix for IAM roles. | `bool` | `true` | no |
 
 ## Outputs
 
@@ -34,15 +35,15 @@ No outputs.
 
 ## Resources
 
-- resource.aws_cloudwatch_log_group.main (modules/metrics_firehose/main.tf#320)
-- resource.aws_cloudwatch_log_stream.http_endpoint (modules/metrics_firehose/main.tf#327)
-- resource.aws_cloudwatch_log_stream.s3_backup (modules/metrics_firehose/main.tf#332)
-- resource.aws_cloudwatch_metric_stream.main (modules/metrics_firehose/main.tf#107)
-- resource.aws_kinesis_firehose_delivery_stream.main (modules/metrics_firehose/main.tf#261)
-- resource.aws_s3_bucket.main (modules/metrics_firehose/main.tf#340)
-- resource.aws_s3_bucket_lifecycle_configuration.main (modules/metrics_firehose/main.tf#365)
-- resource.aws_s3_bucket_policy.main (modules/metrics_firehose/main.tf#378)
-- resource.aws_s3_bucket_public_access_block.main (modules/metrics_firehose/main.tf#346)
-- resource.aws_s3_bucket_versioning.main (modules/metrics_firehose/main.tf#355)
-- data source.aws_iam_policy_document.main (modules/metrics_firehose/main.tf#385)
+- resource.aws_cloudwatch_log_group.main (modules/metrics_firehose/main.tf#322)
+- resource.aws_cloudwatch_log_stream.http_endpoint (modules/metrics_firehose/main.tf#329)
+- resource.aws_cloudwatch_log_stream.s3_backup (modules/metrics_firehose/main.tf#334)
+- resource.aws_cloudwatch_metric_stream.main (modules/metrics_firehose/main.tf#109)
+- resource.aws_kinesis_firehose_delivery_stream.main (modules/metrics_firehose/main.tf#263)
+- resource.aws_s3_bucket.main (modules/metrics_firehose/main.tf#342)
+- resource.aws_s3_bucket_lifecycle_configuration.main (modules/metrics_firehose/main.tf#367)
+- resource.aws_s3_bucket_policy.main (modules/metrics_firehose/main.tf#380)
+- resource.aws_s3_bucket_public_access_block.main (modules/metrics_firehose/main.tf#348)
+- resource.aws_s3_bucket_versioning.main (modules/metrics_firehose/main.tf#357)
+- data source.aws_iam_policy_document.main (modules/metrics_firehose/main.tf#387)
 <!-- END_TF_DOCS -->

modules/metrics_firehose/main.tf

@@ -9,9 +9,10 @@ module "firehose_role" {
   source  = "geekcell/iam-role/aws"
   version = ">= 1.0.0, < 2.0.0"
 
-  name        = "${var.prefix}-datadog-firehose"
-  description = "Role for Datadog Kinesis Firehose Metric Streams."
-  policy_arns = [module.firehose_policy.arn]
+  name            = "${var.prefix}-datadog-firehose"
+  use_name_prefix = var.use_name_prefix
+  description     = "Role for Datadog Kinesis Firehose Metric Streams."
+  policy_arns     = [module.firehose_policy.arn]
   assume_roles = {
     "Service" : {
       identifiers = ["firehose.amazonaws.com"]
@@ -68,9 +69,10 @@ module "metric_stream_role" {
   source  = "geekcell/iam-role/aws"
   version = ">= 1.0.0, < 2.0.0"
 
-  name        = "${var.prefix}-datadog-metric-stream"
-  description = "Role for Datadog Metric Stream."
-  policy_arns = [module.metric_stream_policy.arn]
+  name            = "${var.prefix}-datadog-metric-stream"
+  use_name_prefix = var.use_name_prefix
+  description     = "Role for Datadog Metric Stream."
+  policy_arns     = [module.metric_stream_policy.arn]
   assume_roles = {
     "Service" : {
       identifiers = ["streams.metrics.cloudwatch.amazonaws.com"]

modules/metrics_firehose/variables.tf

@@ -71,3 +71,9 @@ variable "s3_mfa_delete" {
   default     = "Disabled"
   type        = string
 }
+
+variable "use_name_prefix" {
+  description = "Use name prefix for IAM roles."
+  default     = true
+  type        = bool
+}