Enhance examples and documentation for role assignments, adding scenarios for multiple principals and role constraints

2026-02-27 19:30:42 +01:00
parent 6b6615b7d3
commit b7594f4a5f
8 changed files with 366 additions and 12 deletions
--- a/variables.tf
+++ b/variables.tf
@@ -36,12 +36,12 @@ variable "delegable_roles" {
 }

 variable "restricted_roles" {
-  type = list(string)
-  default = []
+  type        = list(string)
+  default     = []
  description = "Role definitions names that RBAC Administrator is not allowed to assign/delete via ABAC condition."

  validation {
-    condition = length(distinct(var.restricted_roles)) == length(var.restricted_roles)
+    condition     = length(distinct(var.restricted_roles)) == length(var.restricted_roles)
    error_message = "restricted_roles must not contain duplicates."
  }
 }