From 2ad8be2bcb7e322e6901d65628750e10bd17b4d4 Mon Sep 17 00:00:00 2001
From: getSurreal <james@getsurreal.com>
Date: Tue, 3 Jun 2025 12:19:08 -0500
Subject: [PATCH 1/3] Add credentialSpecs

---
 variables.tf | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/variables.tf b/variables.tf
index a906798..52b4ad8 100644
--- a/variables.tf
+++ b/variables.tf
@@ -23,8 +23,9 @@ variable "container_memory_reservation" {
 # https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html
 variable "container_definition" {
   type = object({
-    command = optional(list(string))
-    cpu     = optional(number)
+    command         = optional(list(string))
+    cpu             = optional(number)
+    credentialSpecs = optional(list(string))
     dependsOn = optional(list(object({
       condition     = string
       containerName = string
@@ -370,6 +371,12 @@ variable "links" {
   default     = null
 }
 
+variable "credentialSpecs" {
+  type        = list(string)
+  description = "A list of ARNs in SSM or Amazon S3 to a credential spec (CredSpec) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the dockerSecurityOptions. The maximum number of ARNs is 1."
+  default     = null
+}
+
 variable "user" {
   type        = string
   description = "The user to run as inside the container. Can be any of these formats: user, user:group, uid, uid:gid, user:gid, uid:group. The default (null) will use the container's configured `USER` directive or root if not set."

From 33f05406918b9172cb3c2a576377bc1abe5807af Mon Sep 17 00:00:00 2001
From: getSurreal <james@getsurreal.com>
Date: Tue, 3 Jun 2025 12:25:53 -0500
Subject: [PATCH 2/3] add credentialSpecs

---
 main.tf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/main.tf b/main.tf
index eaaa502..4f1bd1b 100644
--- a/main.tf
+++ b/main.tf
@@ -74,6 +74,7 @@ locals {
     resourceRequirements   = var.resource_requirements
     restartPolicy          = local.restart_policy_without_null
     versionConsistency     = var.version_consistency
+    credentialSpecs        = var.credential_specs
   }
 
   container_definition_without_null = {

From c1b5b3a72904e1dcd70dfbe76e841db51cc524a2 Mon Sep 17 00:00:00 2001
From: getSurreal <james@getsurreal.com>
Date: Tue, 3 Jun 2025 12:26:47 -0500
Subject: [PATCH 3/3] rename credentialSpecs to credential_specs

---
 variables.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/variables.tf b/variables.tf
index 52b4ad8..9d1d324 100644
--- a/variables.tf
+++ b/variables.tf
@@ -371,7 +371,7 @@ variable "links" {
   default     = null
 }
 
-variable "credentialSpecs" {
+variable "credential_specs" {
   type        = list(string)
   description = "A list of ARNs in SSM or Amazon S3 to a credential spec (CredSpec) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the dockerSecurityOptions. The maximum number of ARNs is 1."
   default     = null