Rename -> create_aws_auth_backend_iam_policies, per @brikis98 suggest…

…ion.

modules/vault-cluster/main.tf

@@ -216,14 +216,14 @@ data "aws_iam_policy_document" "vault_s3" {
 }
 
 resource "aws_iam_role_policy" "vault_aws_ec2_iam_auth" {
-  count  = "${var.enable_ec2_iam_auth ? 1 : 0}"
+  count  = "${var.create_aws_auth_backend_iam_policies ? 1 : 0}"
   name   = "vault_aws_ec2_iam_auth"
   role   = "${aws_iam_role.instance_role.id}"
   policy = "${element(concat(data.aws_iam_policy_document.vault_aws_ec2_iam_auth.*.json, list("")), 0)}"
 }
 
 data "aws_iam_policy_document" "vault_aws_ec2_iam_auth" {
-  count = "${var.enable_ec2_iam_auth ? 1 : 0}"
+  count = "${var.create_aws_auth_backend_iam_policies ? 1 : 0}"
 
   statement {
     effect = "Allow"

modules/vault-cluster/variables.tf

@@ -186,7 +186,7 @@ variable "force_destroy_s3_bucket" {
   default     = false
 }
 
-variable "enable_ec2_iam_auth" {
+variable "create_aws_auth_backend_iam_policies" {
   description = "If set to true, create IAM policies required by the AWS Auth backend, and apply the policies via IAM Instance Profiles. Note that this does NOT actually enable the backend, but merely sets policies that will permit it to function as expected."
   default     = false
 }