Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow boundary on role #68

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Allow boundary on role #68

wants to merge 4 commits into from

Conversation

nmamn
Copy link

@nmamn nmamn commented Sep 8, 2023

On a client's account, we are not IAM Admins, so we need to attach a boundary policy to the role created by the module, in order to limit what we can do.

This PR is there to permit this feature, and should not change anything when there is no boundary policy used.

pdecat
pdecat reviewed Sep 8, 2023
View reviewed changes
cloud/aws/roles.tf
name = "SignalFxIntegration${var.suffix == "" ? "" : "-${title(var.suffix)}"}"
description = "SignalFx integration to read out data and send it to SignalFx's AWS account"
assume_role_policy = data.aws_iam_policy_document.sfx_policy_doc.json
permissions_boundary = var.sfx_role_permissions_boundary != null ? var.sfx_role_permissions_boundary : null
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
permissions_boundary = var.sfx_role_permissions_boundary != null ? var.sfx_role_permissions_boundary : null
permissions_boundary = var.sfx_role_permissions_boundary

pdecat
pdecat approved these changes Sep 8, 2023
View reviewed changes
Copy link
Member

@pdecat pdecat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A minor comment, but LGTM!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pdecat pdecat pdecat approved these changes

@BzSpi BzSpi Awaiting requested review from BzSpi BzSpi is a code owner

@cvauvarin cvauvarin Awaiting requested review from cvauvarin cvauvarin is a code owner

@JMHAUTBOIS-Claranet JMHAUTBOIS-Claranet Awaiting requested review from JMHAUTBOIS-Claranet JMHAUTBOIS-Claranet is a code owner

@Shr3ps Shr3ps Awaiting requested review from Shr3ps Shr3ps is a code owner

@tchernomax tchernomax Awaiting requested review from tchernomax tchernomax is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@nmamn @pdecat