Giter VIP home page Giter VIP logo

terraform-aws-iam's People

Contributors

alexandre-gl avatar baptistg avatar dixneuf19 avatar djinns avatar github-actions[bot] avatar julienjourdain avatar nathan-lg avatar piaverous avatar renovate[bot] avatar royldd avatar wiikip avatar

Stargazers

avatar

Watchers

avatar avatar avatar avatar

terraform-aws-iam's Issues

Module does not allow complex assume role policy

It is currently not possible to provide complex assume_role_policy such as

{
        "Version": "2012-10-17",
          "Statement": [
              {
                  "Effect": "Allow",
                  "Action": "sts:AssumeRole",
                  "Principal": {
                      "AWS": "464622532012"
                  },
                  "Condition": {
                      "StringEquals": {
                          "sts:ExternalId": datadog_integration_aws.this.external_id
                      }
                  }
              }
          ]
      }

The module should provide an interface for it

Add an example with kubernetes cluster oidc url

Since we often build infrastructure with a Kubernetes cluster, it would be nice to have an example on how to use this module if we want a Kubernetes service account to assume an IAM role.

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

This repository currently has no open or pending branches.

Detected dependencies

github-actions
.github/workflows/release-please.yml
  • google-github-actions/release-please-action v3
npm
package.json
terraform
versions.tf
  • aws >= 3.63
  • hashicorp/terraform >= 1.0.0
  • Check this box to trigger a request for Renovate to run again on this repository

The module in both 0.1.0 and 0.2.0 versions does not handle custom descriptions

For a Padok project, we need to import existing IAM roles and policies.

In the 0.1.0 version of the module (that we wanted to use), we cannot set a description for a policy as it's not provided in any way to the resource.
In the 0.2.0 version of the module, the description of the policy is automatically generated.

In both cases, this is not compatible with importing existing policies as a difference in the policy description forces it's replacement during the plan. We do not want to replace the policies as it has a cascade effect on other resources.

We should be able to provide custom descriptions for both versions of the module.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.