-
One of the interesting problems we hit is that our AWS setup requires all IAM roles to have a specific permissions boundary applied (`DevBoundary`). There is no good way yet to enforce that in SST.
…
-
To use spot instances with an AWS account, the account needs to have the corresponding service-linked role created (`AWSServiceRoleForEC2Spot`). If this role is not created, AWS will throw the follow…
-
Hi!
I detected that terraform use a policy `iam::aws:policy/AmazonS3FullAccess` that is very "strong" to do several task actions in S3
Normally these kinds of policies are blocked by security beca…
-
### Describe the feature
Allow passing a IAM Role to `ScheduledFargateTask` which in turn is passed as the `role` argument to `EcsTask`.
### Use Case
The default IAM role created in `EcsTask` gets …
-
### Name of the resource
AWS::IAM::Role
### Issue Description
When you have an `AWS::IAM::Role` resource in your stack, it does not get assigned the built-in tags: `aws:cloudformation:stack-n…
-
Guys,
Is it possible to use this library so that instead of providing keys to authenticate to SM SDK you could instead utilise the IAM roles assigned to an executing EC2 instance or a container in …
-
### Terraform Core Version
Terraform v1.0.0 on linux_amd64
### AWS Provider Version
provider registry.terraform.io/hashicorp/aws v4.64.0
### Affected Resource(s)
I am getting "Insuffici…
-
Injecting keys isnt ideal especially on ECS type scenarios. It would be very nice if you supported IAM based auth as well ie the task execution role in aws fargate
-
My customer was trying to use copilot and failing because their credentials allow them to use any service but don't allow them to create new IAM roles. It would be great if copilot could generate the…
-
According to the documentation, role_tag should be allowed also for inferred AWS 'iam' auth method
https://github.com/hashicorp/vault/blob/master/website/source/docs/auth/aws.html.md#dynamic-manage…