Rebranding & Update Permissions

.terraform-docs.yml

@@ -18,7 +18,7 @@ content: |-
   Just only add the following code to your Terraform code
 
   ```hcl
-  {{ include "./examples/itmc_integration.tf" }}
+  {{ include "./examples/admina_integration.tf" }}
   ```
   To learn how to use Modules in Terraform, let's to see [here](https://developer.hashicorp.com/terraform/language/modules).
 

README.md

@@ -1,42 +1,42 @@
-# terraform-aws-itmc-integration
+# terraform-aws-admina-integration
 
 <!-- # Short Description -->
 
 This is a Terraform Module that can be used for AWS Integration provided by Money Forward i.
 
-https://registry.terraform.io/modules/moneyforward-i/itmc-integration/aws/latest
-
+https://registry.terraform.io/modules/moneyforward-i/admina-integration/aws/latest
 
 <!-- # Badges -->
-[![Latest Rlease](https://badgen.net/github/release/moneyforward-i/terraform-aws-itmc-integration?icon=github&color=cyan)](https://github.com/moneyforward-i/terraform-aws-itmc-integration/releases/latest)
-[![Terraform Regstly](https://badgen.net/badge/icon/available?icon=terraform&label=registry&color=cyan)](https://registry.terraform.io/modules/moneyforward-i/itmc-integration/aws/latest)
 
-[![Github issues](https://img.shields.io/github/issues/moneyforward-i/terraform-aws-itmc-integration)](https://github.com/moneyforward-i/terraform-aws-itmc-integration/issues)
-[![Github forks](https://img.shields.io/github/forks/moneyforward-i/terraform-aws-itmc-integration)](https://github.com/moneyforward-i/terraform-aws-itmc-integration/network/members)
-[![Github stars](https://img.shields.io/github/stars/moneyforward-i/terraform-aws-itmc-integration)](https://github.com/moneyforward-i/terraform-aws-itmc-integration/stargazers)
-[![Github top language](https://img.shields.io/github/languages/top/moneyforward-i/terraform-aws-itmc-integration)](https://github.com/moneyforward-i/terraform-aws-itmc-integration/)
-[![Github license](https://img.shields.io/github/license/moneyforward-i/terraform-aws-itmc-integration)](https://github.com/moneyforward-i/terraform-aws-itmc-integration/)
+[![Latest Rlease](https://badgen.net/github/release/moneyforward-i/terraform-aws-admina-integration?icon=github&color=cyan)](https://github.com/moneyforward-i/terraform-aws-admina-integration/releases/latest)
+[![Terraform Regstly](https://badgen.net/badge/icon/available?icon=terraform&label=registry&color=cyan)](https://registry.terraform.io/modules/moneyforward-i/admina-integration/aws/latest)
+
+[![Github issues](https://img.shields.io/github/issues/moneyforward-i/terraform-aws-admina-integration)](https://github.com/moneyforward-i/terraform-aws-admina-integration/issues)
+[![Github forks](https://img.shields.io/github/forks/moneyforward-i/terraform-aws-admina-integration)](https://github.com/moneyforward-i/terraform-aws-admina-integration/network/members)
+[![Github stars](https://img.shields.io/github/stars/moneyforward-i/terraform-aws-admina-integration)](https://github.com/moneyforward-i/terraform-aws-admina-integration/stargazers)
+[![Github top language](https://img.shields.io/github/languages/top/moneyforward-i/terraform-aws-admina-integration)](https://github.com/moneyforward-i/terraform-aws-admina-integration/)
+[![Github license](https://img.shields.io/github/license/moneyforward-i/terraform-aws-admina-integration)](https://github.com/moneyforward-i/terraform-aws-admina-integration/)
 
 # Tags
 
-`IT Management Cloud` `SaaS Management Platform`
+`Admina` `SaaS Management Platform`
 
 # Advantages
 
-You can easily create a Role to connect to the IT Management Cloud with AWS which was provided by Money Forward i. 
+You can easily create a Role to connect to the Admina with AWS which was provided by Money Forward i.
 
-This Terraform Module is maintained regularly by Money Forward i, 
+This Terraform Module is maintained regularly by Money Forward i,
 so you can easily keep it up-to-date by importing it as a Module.
 
-[Official page(JP)](https://i.moneyforward.com/) [(EN)](https://i.moneyforward.com/us/)
-
-[Integration Support Page](https://support.itmc.i.moneyforward.com/article/dc2mjsw9oy-aws)
+[Official page(JP)](https://i.moneyforward.com/) [(EN)](https://admina.moneyforward.com/)
 
+[Integration Support Page](https://support.admina.i.moneyforward.com/article/dc2mjsw9oy-aws)
 
 # About Module
-<!-- 
-  The following Document is automatically generated. 
-  If you want to change them, edit `./.terraform-docs.yml`. 
+
+<!--
+  The following Document is automatically generated.
+  If you want to change them, edit `./.terraform-docs.yml`.
 -->
 <!-- BEGIN_TF_DOCS -->
 
@@ -49,14 +49,14 @@ Just only add the following code to your Terraform code
 
 ```hcl
 # This file can be copied and used as it is.
-module "itmc-integration" {
-  source  = "moneyforward-i/itmc-integration/aws"
+module "admina-integration" {
+  source = "moneyforward-i/admina-integration/aws"
 }
-output "itmc_role_arn" {
-  value = module.itmc-integration.role_arn
+output "admina_role_arn" {
+  value = module.admina-integration.role_arn
 }
-output "itmc_role_external_id" {
-  value = module.itmc-integration.external_id
+output "admina_role_external_id" {
+  value = module.admina-integration.external_id
 }
 ```
 To learn how to use Modules in Terraform, let's to see [here](https://developer.hashicorp.com/terraform/language/modules).
@@ -68,15 +68,16 @@ To learn how to use Modules in Terraform, let's to see [here](https://developer.
 |------|-------------|------|---------|:--------:|
 | <a name="input_additional_tags"></a> [additional\_tags](#input\_additional\_tags) | A mapping of additional resource tags | `map(string)` | `{}` | no |
 | <a name="input_role_path"></a> [role\_path](#input\_role\_path) | Path to place the Role. | `string` | `"/integration/"` | no |
+| <a name="input_read_only"></a> [read\_only](#input\_read\_only) | If true, the role will be read only. | `bool` | `false` | no |
 <!-- ### Modules
 
 No modules. -->
 ### Outputs
 
 | Name | Description |
 |------|-------------|
-| <a name="output_role_arn"></a> [role\_arn](#output\_role\_arn) | The output is the Arn of the Role that was created. <br>This value will be able to enter into IntegrationPage on ITMC |
-| <a name="output_external_id"></a> [external\_id](#output\_external\_id) | The output is the External ID of the Role that was created. <br>This value will be able to enter into IntegrationPage on ITMC |
+| <a name="output_role_arn"></a> [role\_arn](#output\_role\_arn) | The output is the Arn of the Role that was created. <br>This value will be able to enter into IntegrationPage on Admina |
+| <a name="output_external_id"></a> [external\_id](#output\_external\_id) | The output is the External ID of the Role that was created. <br>This value will be able to enter into IntegrationPage on Admina |
 <!--  -->
 <!--  -->
 ### Resources
@@ -86,10 +87,10 @@ No modules. -->
 | [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
 | [aws_iam_role_policy.role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
 | [random_id.extrnal_id](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
+| [aws_iam_policy_document.read_only_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_iam_policy_document.role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_iam_policy_document.trusted_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 <!--  -->
 <!-- END_TF_DOCS -->
 
-
-<!-- CREATED_BY_LEADYOU_README_GENERATOR -->
+<!-- CREATED_BY_LEADYOU_README_GENERATOR -->

examples/admina_integration.tf

@@ -0,0 +1,10 @@
+# This file can be copied and used as it is.
+module "admina-integration" {
+  source = "moneyforward-i/admina-integration/aws"
+}
+output "admina_role_arn" {
+  value = module.admina-integration.role_arn
+}
+output "admina_role_external_id" {
+  value = module.admina-integration.external_id
+}

main.tf

@@ -1,5 +1,5 @@
 locals {
-  extrnal_id = random_id.extrnal_id.id
+  extrnal_id     = random_id.extrnal_id.id
   integration_id = "162001151631"
 }
 resource "random_id" "extrnal_id" {
@@ -9,13 +9,13 @@ resource "random_id" "extrnal_id" {
 
 resource "aws_iam_role" "this" {
   path               = var.role_path
-  name               = "IT-Management-Cloud-Integration-Role"
-  description        = "IT Management Cloud Service use this role to integrate with AWS."
+  name               = "Admina-Integration-Role"
+  description        = "Admina Service use this role to integrate with AWS."
   assume_role_policy = data.aws_iam_policy_document.trusted_policy.json
   tags = merge(
     var.additional_tags,
     {
-      "Name" = "IT Management Cloud Integration Role"
+      "Name" = "Admina Integration Role"
     },
   )
 }
@@ -36,36 +36,62 @@ data "aws_iam_policy_document" "trusted_policy" {
   }
 }
 resource "aws_iam_role_policy" "role_policy" {
-  name = "IT-Management-Cloud-Integration-Role-Policy"
-  role = aws_iam_role.this.id
-  policy = data.aws_iam_policy_document.role_policy.json
+  name   = "Admina-Integration-Role-Policy"
+  role   = aws_iam_role.this.id
+  policy = var.read_only ? data.aws_iam_policy_document.read_only_role_policy.json : data.aws_iam_policy_document.role_policy.json
 }
 
 data "aws_iam_policy_document" "role_policy" {
   statement {
-    sid = "IntegrationAccessPolicy"
+    sid    = "IntegrationAccessPolicy"
     effect = "Allow"
     actions = [
-                "iam:GetAccessKeyLastUsed",
-                "iam:ListAccessKeys",
-                "iam:ListAttachedUserPolicies",
-                "iam:ListGroupsForUser",
-                "iam:ListMFADevices",
-                "iam:ListRolePolicies",
-                "iam:ListRoles",
-                "iam:ListUsers",
-                "iam:ListUserTags",
-                "iam:DeleteUser",
-                "iam:DeleteAccessKey",
-                "iam:DeleteRole",
-                "iam:ListAttachedRolePolicies",
-                "iam:DetachRolePolicy",
-                "iam:DeleteLoginProfile",
-                "iam:ListAttachedUserPolicies",
-                "iam:DetachUserPolicy",
-                "account:GetContactInformation"
+      "iam:GetAccessKeyLastUsed",
+      "iam:ListAccessKeys",
+      "iam:ListAttachedUserPolicies",
+      "iam:ListGroupsForUser",
+      "iam:ListMFADevices",
+      "iam:ListRolePolicies",
+      "iam:ListRoles",
+      "iam:ListUsers",
+      "iam:ListUserTags",
+      "iam:DeleteUser",
+      "iam:DeleteAccessKey",
+      "iam:DeleteRole",
+      "iam:ListAttachedRolePolicies",
+      "iam:DetachRolePolicy",
+      "iam:DeleteLoginProfile",
+      "iam:ListAttachedUserPolicies",
+      "iam:DetachUserPolicy",
+      "iam:CreateUser",
+      "iam:TagUser",
+      "iam:ListUserPolicies",
+      "account:GetContactInformation"
     ]
     resources = ["*"]
   }
 }
 
+data "aws_iam_policy_document" "read_only_role_policy" {
+  statement {
+    sid    = "IntegrationAccessPolicy"
+    effect = "Allow"
+    actions = [
+      "iam:GetAccessKeyLastUsed",
+      "iam:ListAccessKeys",
+      "iam:ListAttachedUserPolicies",
+      "iam:ListGroupsForUser",
+      "iam:ListMFADevices",
+      "iam:ListRolePolicies",
+      "iam:ListRoles",
+      "iam:ListUsers",
+      "iam:ListUserTags",
+      "iam:ListAttachedRolePolicies",
+      "iam:ListAttachedUserPolicies",
+      "iam:TagUser",
+      "iam:ListUserPolicies",
+      "account:GetContactInformation"
+    ]
+    resources = ["*"]
+  }
+}

outputs.tf

@@ -1,9 +1,9 @@
 output "role_arn" {
-  value = aws_iam_role.this.arn
-  description = "The output is the Arn of the Role that was created. <br>This value will be able to enter into IntegrationPage on ITMC"
+  value       = aws_iam_role.this.arn
+  description = "The output is the Arn of the Role that was created. <br>This value will be able to enter into IntegrationPage on Admina"
 }
 
 output "external_id" {
-  value = local.extrnal_id
-  description = "The output is the External ID of the Role that was created. <br>This value will be able to enter into IntegrationPage on ITMC"
-}
+  value       = local.extrnal_id
+  description = "The output is the External ID of the Role that was created. <br>This value will be able to enter into IntegrationPage on Admina"
+}

variables.tf

@@ -5,8 +5,13 @@ variable "additional_tags" {
 }
 
 variable "role_path" {
-  type = string
-  default = "/integration/"
+  type        = string
+  default     = "/integration/"
   description = "Path to place the Role."
 }
 
+variable "read_only" {
+  type        = bool
+  default     = false
+  description = "If true, the role will be read only."
+}