feat: Updated to support Terraform 0.13 also (#103)

0b7dbf59 · Anton Babenko · GitHub · deb8379c · 0b7dbf59 · 0b7dbf59
Commit 0b7dbf59 authored Oct 30, 2020 by Anton Babenko Committed by GitHub Oct 30, 2020
54 changed files
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -4,6 +4,21 @@ repos:
    hooks:
      - id: terraform_fmt
      - id: terraform_docs
+      - id: terraform_tflint
+        args:
+          - '--args=--only=terraform_deprecated_interpolation'
+          - '--args=--only=terraform_deprecated_index'
+          - '--args=--only=terraform_unused_declarations'
+          - '--args=--only=terraform_comment_syntax'
+          - '--args=--only=terraform_documented_outputs'
+          - '--args=--only=terraform_documented_variables'
+          - '--args=--only=terraform_typed_variables'
+          - '--args=--only=terraform_module_pinned_source'
+          - '--args=--only=terraform_naming_convention'
+          - '--args=--only=terraform_required_version'
+          - '--args=--only=terraform_required_providers'
+          - '--args=--only=terraform_standard_module_structure'
+          - '--args=--only=terraform_workspace_remote'
  - repo: git://github.com/pre-commit/pre-commit-hooks
    rev: v3.2.0
    hooks:

--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ These types of resources are supported:

 ## Terraform versions

-Terraform 0.12. Pin module version to `~> v2.0`. Submit pull-requests to `master` branch.
+Terraform 0.12 or newer. Pin module version to `~> v2.0`. Submit pull-requests to `master` branch.

 Terraform 0.11. Pin module version to `~> v1.0`. Submit pull-requests to `terraform011` branch.

@@ -117,7 +117,6 @@ module "iam_assumable_roles_with_saml" {

  create_readonly_role = true

-  provider_name = "idp_saml"
  provider_id   = "arn:aws:iam::235367859851:saml-provider/idp_saml"
 }
 ```

--- a/examples/iam-account/README.md
+++ b/examples/iam-account/README.md
@@ -17,7 +17,10 @@ Run `terraform destroy` when you don't need these resources.
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements

-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers


--- a/examples/iam-account/variables.tf
+++ b/examples/iam-account/variables.tf
--- a/examples/iam-account/versions.tf
+++ b/examples/iam-account/versions.tf
+terraform {
+  required_version = ">= 0.12.6"
+
+  required_providers {
+    aws = ">= 2.23"
+  }
+}
--- a/examples/iam-assumable-role-with-oidc/README.md
+++ b/examples/iam-assumable-role-with-oidc/README.md
@@ -17,7 +17,10 @@ Run `terraform destroy` when you don't need these resources.
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements

-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers


--- a/examples/iam-assumable-role-with-oidc/variables.tf
+++ b/examples/iam-assumable-role-with-oidc/variables.tf
--- a/examples/iam-assumable-role-with-oidc/versions.tf
+++ b/examples/iam-assumable-role-with-oidc/versions.tf
+terraform {
+  required_version = ">= 0.12.6"
+
+  required_providers {
+    aws = ">= 2.23"
+  }
+}
--- a/examples/iam-assumable-role/README.md
+++ b/examples/iam-assumable-role/README.md
@@ -19,7 +19,10 @@ Run `terraform destroy` when you don't need these resources.
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements

-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers


--- a/examples/iam-assumable-role/variables.tf
+++ b/examples/iam-assumable-role/variables.tf
--- a/examples/iam-assumable-role/versions.tf
+++ b/examples/iam-assumable-role/versions.tf
+terraform {
+  required_version = ">= 0.12.6"
+
+  required_providers {
+    aws = ">= 2.23"
+  }
+}
--- a/examples/iam-assumable-roles-with-saml/README.md
+++ b/examples/iam-assumable-roles-with-saml/README.md
@@ -17,13 +17,16 @@ Run `terraform destroy` when you don't need these resources.
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements

-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | n/a |
+| aws | >= 2.23 |

 ## Inputs


--- a/examples/iam-assumable-roles-with-saml/main.tf
+++ b/examples/iam-assumable-roles-with-saml/main.tf
@@ -21,8 +21,7 @@ module "iam_assumable_roles_with_saml" {

  create_readonly_role = true

-  provider_name = aws_iam_saml_provider.idp_saml.name
-  provider_id   = aws_iam_saml_provider.idp_saml.id
+  provider_id = aws_iam_saml_provider.idp_saml.id
 }

 #################################################################
@@ -35,6 +34,5 @@ module "iam_assumable_roles_with_saml_custom" {
  poweruser_role_name        = "Billing-And-Support-Access"
  poweruser_role_policy_arns = ["arn:aws:iam::aws:policy/job-function/Billing", "arn:aws:iam::aws:policy/AWSSupportAccess"]

-  provider_name = aws_iam_saml_provider.idp_saml.name
-  provider_id   = aws_iam_saml_provider.idp_saml.id
+  provider_id = aws_iam_saml_provider.idp_saml.id
 }
--- a/examples/iam-assumable-roles-with-saml/variables.tf
+++ b/examples/iam-assumable-roles-with-saml/variables.tf
--- a/examples/iam-assumable-roles-with-saml/versions.tf
+++ b/examples/iam-assumable-roles-with-saml/versions.tf
+terraform {
+  required_version = ">= 0.12.6"
+
+  required_providers {
+    aws = ">= 2.23"
+  }
+}
--- a/examples/iam-assumable-roles/README.md
+++ b/examples/iam-assumable-roles/README.md
@@ -17,7 +17,10 @@ Run `terraform destroy` when you don't need these resources.
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements

-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers


--- a/examples/iam-assumable-roles/variables.tf
+++ b/examples/iam-assumable-roles/variables.tf
--- a/examples/iam-assumable-roles/versions.tf
+++ b/examples/iam-assumable-roles/versions.tf
+terraform {
+  required_version = ">= 0.12.6"
+
+  required_providers {
+    aws = ">= 2.23"
+  }
+}
--- a/examples/iam-group-complete/README.md
+++ b/examples/iam-group-complete/README.md
@@ -19,7 +19,10 @@ Run `terraform destroy` when you don't need these resources.
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements

-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers


--- a/examples/iam-group-complete/variables.tf
+++ b/examples/iam-group-complete/variables.tf
--- a/examples/iam-group-complete/versions.tf
+++ b/examples/iam-group-complete/versions.tf
+terraform {
+  required_version = ">= 0.12.6"
+
+  required_providers {
+    aws = ">= 2.23"
+  }
+}
--- a/examples/iam-group-with-assumable-roles-policy/README.md
+++ b/examples/iam-group-with-assumable-roles-policy/README.md
@@ -17,14 +17,17 @@ Run `terraform destroy` when you don't need these resources.
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements

-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | n/a |
-| aws.production | n/a |
+| aws | >= 2.23 |
+| aws.production | >= 2.23 |

 ## Inputs


--- a/examples/iam-group-with-assumable-roles-policy/variables.tf
+++ b/examples/iam-group-with-assumable-roles-policy/variables.tf
--- a/examples/iam-group-with-assumable-roles-policy/versions.tf
+++ b/examples/iam-group-with-assumable-roles-policy/versions.tf
+terraform {
+  required_version = ">= 0.12.6"
+
+  required_providers {
+    aws = ">= 2.23"
+  }
+}
--- a/examples/iam-group-with-policies/README.md
+++ b/examples/iam-group-with-policies/README.md
@@ -17,13 +17,16 @@ Run `terraform destroy` when you don't need these resources.
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements

-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | n/a |
+| aws | >= 2.23 |

 ## Inputs


--- a/examples/iam-group-with-policies/variables.tf
+++ b/examples/iam-group-with-policies/variables.tf
--- a/examples/iam-group-with-policies/versions.tf
+++ b/examples/iam-group-with-policies/versions.tf
+terraform {
+  required_version = ">= 0.12.6"
+
+  required_providers {
+    aws = ">= 2.23"
+  }
+}
--- a/examples/iam-policy/README.md
+++ b/examples/iam-policy/README.md
@@ -17,13 +17,16 @@ Run `terraform destroy` when you don't need these resources.
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements

-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | n/a |
+| aws | >= 2.23 |

 ## Inputs


--- a/examples/iam-policy/variables.tf
+++ b/examples/iam-policy/variables.tf
--- a/examples/iam-policy/versions.tf
+++ b/examples/iam-policy/versions.tf
+terraform {
+  required_version = ">= 0.12.6"
+
+  required_providers {
+    aws = ">= 2.23"
+  }
+}
--- a/examples/iam-user/README.md
+++ b/examples/iam-user/README.md
@@ -18,7 +18,10 @@ Run `terraform destroy` when you don't need these resources.
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements

-No requirements.
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.6 |
+| aws | >= 2.50 |

 ## Providers

@@ -32,10 +35,10 @@ No input.

 | Name | Description |
 |------|-------------|
-| keybase\_password\_decrypt\_command | n/a |
-| keybase\_password\_pgp\_message | n/a |
-| keybase\_secret\_key\_decrypt\_command | n/a |
-| keybase\_secret\_key\_pgp\_message | n/a |
+| keybase\_password\_decrypt\_command | Decrypt user password command |
+| keybase\_password\_pgp\_message | Encrypted password |
+| keybase\_secret\_key\_decrypt\_command | Decrypt access secret key command |
+| keybase\_secret\_key\_pgp\_message | Encrypted access secret key |
 | pgp\_key | PGP key used to encrypt sensitive data for this user (if empty - secrets are not encrypted) |
 | this\_iam\_access\_key\_encrypted\_secret | The encrypted secret, base64 encoded |
 | this\_iam\_access\_key\_id | The access key ID |

--- a/examples/iam-user/outputs.tf
+++ b/examples/iam-user/outputs.tf
@@ -59,17 +59,21 @@ output "pgp_key" {
 }

 output "keybase_password_decrypt_command" {
-  value = module.iam_user.keybase_password_decrypt_command
+  description = "Decrypt user password command"
+  value       = module.iam_user.keybase_password_decrypt_command
 }

 output "keybase_password_pgp_message" {
-  value = module.iam_user.keybase_password_pgp_message
+  description = "Encrypted password"
+  value       = module.iam_user.keybase_password_pgp_message
 }

 output "keybase_secret_key_decrypt_command" {
-  value = module.iam_user.keybase_secret_key_decrypt_command
+  description = "Decrypt access secret key command"
+  value       = module.iam_user.keybase_secret_key_decrypt_command
 }

 output "keybase_secret_key_pgp_message" {
-  value = module.iam_user.keybase_secret_key_pgp_message
+  description = "Encrypted access secret key"
+  value       = module.iam_user.keybase_secret_key_pgp_message
 }
--- a/examples/iam-user/variables.tf
+++ b/examples/iam-user/variables.tf
--- a/examples/iam-user/versions.tf
+++ b/examples/iam-user/versions.tf
+terraform {
+  required_version = ">= 0.12.6"
+
+  required_providers {
+    aws = ">= 2.50"
+  }
+}
--- a/modules/iam-account/README.md
+++ b/modules/iam-account/README.md
@@ -26,14 +26,14 @@ Import successful!

 | Name | Version |
 |------|---------|
-| terraform | >= 0.12.6, < 0.14 |
-| aws | >= 2.23, < 4.0 |
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | >= 2.23, < 4.0 |
+| aws | >= 2.23 |

 ## Inputs


--- a/modules/iam-account/versions.tf
+++ b/modules/iam-account/versions.tf
 terraform {
-  required_version = ">= 0.12.6, < 0.14"
+  required_version = ">= 0.12.6"

  required_providers {
-    aws = ">= 2.23, < 4.0"
+    aws = ">= 2.23"
  }
 }
--- a/modules/iam-assumable-role-with-oidc/README.md
+++ b/modules/iam-assumable-role-with-oidc/README.md
@@ -11,14 +11,14 @@ This module supports IAM Roles for kubernetes service accounts as described in t

 | Name | Version |
 |------|---------|
-| terraform | >= 0.12.6, < 0.14 |
-| aws | >= 2.23, < 4.0 |
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | >= 2.23, < 4.0 |
+| aws | >= 2.23 |

 ## Inputs

@@ -32,8 +32,8 @@ This module supports IAM Roles for kubernetes service accounts as described in t
 | oidc\_subjects\_with\_wildcards | The OIDC subject using wildcards to be added to the role policy | `set(string)` | `[]` | no |
 | provider\_url | URL of the OIDC Provider. Use provider\_urls to specify several URLs. | `string` | `""` | no |
 | provider\_urls | List of URLs of the OIDC Providers | `list(string)` | `[]` | no |
-| role\_name | IAM role name | `string` | `""` | no |
 | role\_description | IAM Role description | `string` | `""` | no |
+| role\_name | IAM role name | `string` | `""` | no |
 | role\_path | Path of IAM role | `string` | `"/"` | no |
 | role\_permissions\_boundary\_arn | Permissions boundary ARN to use for IAM role | `string` | `""` | no |
 | role\_policy\_arns | List of ARNs of IAM policies to attach to IAM role | `list(string)` | `[]` | no |

--- a/modules/iam-assumable-role-with-oidc/versions.tf
+++ b/modules/iam-assumable-role-with-oidc/versions.tf
 terraform {
-  required_version = ">= 0.12.6, < 0.14"
+  required_version = ">= 0.12.6"

  required_providers {
-    aws = ">= 2.23, < 4.0"
+    aws = ">= 2.23"
  }
 }
--- a/modules/iam-assumable-role/README.md
+++ b/modules/iam-assumable-role/README.md
@@ -9,14 +9,14 @@ Trusted resources can be any [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/U

 | Name | Version |
 |------|---------|
-| terraform | >= 0.12.6, < 0.14 |
-| aws | >= 2.23, < 4.0 |
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | >= 2.23, < 4.0 |
+| aws | >= 2.23 |

 ## Inputs


--- a/modules/iam-assumable-role/versions.tf
+++ b/modules/iam-assumable-role/versions.tf
 terraform {
-  required_version = ">= 0.12.6, < 0.14"
+  required_version = ">= 0.12.6"

  required_providers {
-    aws = ">= 2.23, < 4.0"
+    aws = ">= 2.23"
  }
 }
--- a/modules/iam-assumable-roles-with-saml/README.md
+++ b/modules/iam-assumable-roles-with-saml/README.md
@@ -11,14 +11,14 @@ Creates predefined IAM roles (admin, poweruser and readonly) which can be assume

 | Name | Version |
 |------|---------|
-| terraform | >= 0.12.6, < 0.14 |
-| aws | >= 2.23, < 4.0 |
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | >= 2.23, < 4.0 |
+| aws | >= 2.23 |

 ## Inputs

@@ -41,7 +41,6 @@ Creates predefined IAM roles (admin, poweruser and readonly) which can be assume
 | poweruser\_role\_policy\_arns | List of policy ARNs to use for poweruser role | `list(string)` | <pre>[<br>  "arn:aws:iam::aws:policy/PowerUserAccess"<br>]</pre> | no |
 | poweruser\_role\_tags | A map of tags to add to poweruser role resource. | `map(string)` | `{}` | no |
 | provider\_id | ID of the SAML Provider | `string` | n/a | yes |
-| provider\_name | Name of the SAML Provider | `string` | n/a | yes |
 | readonly\_role\_name | IAM role with readonly access | `string` | `"readonly"` | no |
 | readonly\_role\_path | Path of readonly IAM role | `string` | `"/"` | no |
 | readonly\_role\_permissions\_boundary\_arn | Permissions boundary ARN to use for readonly role | `string` | `""` | no |

--- a/modules/iam-assumable-roles-with-saml/variables.tf
+++ b/modules/iam-assumable-roles-with-saml/variables.tf
-variable "provider_name" {
-  description = "Name of the SAML Provider"
-  type        = string
-}
-
 variable "provider_id" {
  description = "ID of the SAML Provider"
  type        = string

--- a/modules/iam-assumable-roles-with-saml/versions.tf
+++ b/modules/iam-assumable-roles-with-saml/versions.tf
 terraform {
-  required_version = ">= 0.12.6, < 0.14"
+  required_version = ">= 0.12.6"

  required_providers {
-    aws = ">= 2.23, < 4.0"
+    aws = ">= 2.23"
  }
 }
--- a/modules/iam-assumable-roles/README.md
+++ b/modules/iam-assumable-roles/README.md
@@ -9,14 +9,14 @@ Trusted resources can be any [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/U

 | Name | Version |
 |------|---------|
-| terraform | >= 0.12.6, < 0.14 |
-| aws | >= 2.23, < 4.0 |
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | >= 2.23, < 4.0 |
+| aws | >= 2.23 |

 ## Inputs


--- a/modules/iam-assumable-roles/versions.tf
+++ b/modules/iam-assumable-roles/versions.tf
 terraform {
-  required_version = ">= 0.12.6, < 0.14"
+  required_version = ">= 0.12.6"

  required_providers {
-    aws = ">= 2.23, < 4.0"
+    aws = ">= 2.23"
  }
 }
--- a/modules/iam-group-with-assumable-roles-policy/README.md
+++ b/modules/iam-group-with-assumable-roles-policy/README.md
@@ -7,14 +7,14 @@ Creates IAM group with users who are allowed to assume IAM roles. This is typica

 | Name | Version |
 |------|---------|
-| terraform | >= 0.12.6, < 0.14 |
-| aws | >= 2.23, < 4.0 |
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | >= 2.23, < 4.0 |
+| aws | >= 2.23 |

 ## Inputs


--- a/modules/iam-group-with-assumable-roles-policy/versions.tf
+++ b/modules/iam-group-with-assumable-roles-policy/versions.tf
 terraform {
-  required_version = ">= 0.12.6, < 0.14"
+  required_version = ">= 0.12.6"

  required_providers {
-    aws = ">= 2.23, < 4.0"
+    aws = ">= 2.23"
  }
 }
--- a/modules/iam-group-with-policies/README.md
+++ b/modules/iam-group-with-policies/README.md
@@ -7,14 +7,14 @@ Creates IAM group with specified IAM policies, and add users into a group.

 | Name | Version |
 |------|---------|
-| terraform | >= 0.12.6, < 0.14 |
-| aws | >= 2.23, < 4.0 |
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | >= 2.23, < 4.0 |
+| aws | >= 2.23 |

 ## Inputs


--- a/modules/iam-group-with-policies/versions.tf
+++ b/modules/iam-group-with-policies/versions.tf
 terraform {
-  required_version = ">= 0.12.6, < 0.14"
+  required_version = ">= 0.12.6"

  required_providers {
-    aws = ">= 2.23, < 4.0"
+    aws = ">= 2.23"
  }
 }
--- a/modules/iam-policy/README.md
+++ b/modules/iam-policy/README.md
@@ -7,14 +7,14 @@ Creates IAM policy.

 | Name | Version |
 |------|---------|
-| terraform | >= 0.12.6, < 0.14 |
-| aws | >= 2.23, < 4.0 |
+| terraform | >= 0.12.6 |
+| aws | >= 2.23 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | >= 2.23, < 4.0 |
+| aws | >= 2.23 |

 ## Inputs


--- a/modules/iam-policy/versions.tf
+++ b/modules/iam-policy/versions.tf
 terraform {
-  required_version = ">= 0.12.6, < 0.14"
+  required_version = ">= 0.12.6"

  required_providers {
-    aws = ">= 2.23, < 4.0"
+    aws = ">= 2.23"
  }
 }
--- a/modules/iam-user/README.md
+++ b/modules/iam-user/README.md
@@ -23,14 +23,14 @@ This module outputs commands and PGP messages which can be decrypted either usin

 | Name | Version |
 |------|---------|
-| terraform | >= 0.12.6, < 0.14 |
-| aws | >= 2.50, < 4.0 |
+| terraform | >= 0.12.6 |
+| aws | >= 2.50 |

 ## Providers

 | Name | Version |
 |------|---------|
-| aws | >= 2.50, < 4.0 |
+| aws | >= 2.50 |

 ## Inputs

@@ -55,10 +55,10 @@ This module outputs commands and PGP messages which can be decrypted either usin

 | Name | Description |
 |------|-------------|
-| keybase\_password\_decrypt\_command | n/a |
-| keybase\_password\_pgp\_message | n/a |
-| keybase\_secret\_key\_decrypt\_command | n/a |
-| keybase\_secret\_key\_pgp\_message | n/a |
+| keybase\_password\_decrypt\_command | Decrypt user password command |
+| keybase\_password\_pgp\_message | Encrypted password |
+| keybase\_secret\_key\_decrypt\_command | Decrypt access secret key command |
+| keybase\_secret\_key\_pgp\_message | Encrypted access secret key |
 | pgp\_key | PGP key used to encrypt sensitive data for this user (if empty - secrets are not encrypted) |
 | this\_iam\_access\_key\_encrypted\_secret | The encrypted secret, base64 encoded |
 | this\_iam\_access\_key\_id | The access key ID |

--- a/modules/iam-user/outputs.tf
+++ b/modules/iam-user/outputs.tf
@@ -86,6 +86,7 @@ output "pgp_key" {
 }

 output "keybase_password_decrypt_command" {
+  description = "Decrypt user password command"
  value = <<EOF
 echo "${element(
  concat(aws_iam_user_login_profile.this.*.encrypted_password, [""]),
@@ -96,6 +97,7 @@ EOF
 }

 output "keybase_password_pgp_message" {
+  description = "Encrypted password"
  value = <<EOF
 -----BEGIN PGP MESSAGE-----
 Version: Keybase OpenPGP v2.0.76
@@ -111,14 +113,16 @@ EOF
 }

 output "keybase_secret_key_decrypt_command" {
-  value = <<EOF
+  description = "Decrypt access secret key command"
+  value       = <<EOF
 echo "${element(concat(aws_iam_access_key.this.*.encrypted_secret, [""]), 0)}" | base64 --decode | keybase pgp decrypt
 EOF

 }

 output "keybase_secret_key_pgp_message" {
-  value = <<EOF
+  description = "Encrypted access secret key"
+  value       = <<EOF
 -----BEGIN PGP MESSAGE-----
 Version: Keybase OpenPGP v2.0.76
 Comment: https://keybase.io/crypto

--- a/modules/iam-user/versions.tf
+++ b/modules/iam-user/versions.tf
 terraform {
-  required_version = ">= 0.12.6, < 0.14"
+  required_version = ">= 0.12.6"

  required_providers {
-    aws = ">= 2.50, < 4.0"
+    aws = ">= 2.50"
  }
 }