cattle-ops / terraform-aws-gitlab-runner

Terraform module for AWS GitLab runners on ec2 (spot) instances
https://registry.terraform.io/modules/cattle-ops/gitlab-runner/aws
MIT License

fix: use a valid policy for ssm access #1124

Closed ryancausey closed 6 months ago

ryancausey commented 6 months ago

Description

This resolves an issue where the previous policy template did not specify a valid resource argument for the second policy statement. The modified template should now apply without error.

Migrations required

No

Verification

I applied this module to my runner setup and it resolved the issue.

Closes #1123

github-actions[bot] commented 6 months ago

Hey @ryancausey! 👋

Thank you for your contribution to the project. Please refer to the contribution rules for a quick overview of the process.

Make sure that this PR clearly explains:

By submitting this PR you confirm that you hold the rights to the code added and agree that it will be published under this LICENSE.

The following ChatOps commands are supported:

Simply add a comment with the command in the first line. If you need to pass more information, separate it with a blank line from the command.

This message was generated automatically. You are welcome to improve it.

kayman-mk commented 6 months ago

Have seen this today as well. Guess we better limit access to the exact resource.

kayman-mk commented 6 months ago

@ryancausey Could you please have a look at my last commit? I think it is better to not allow the Runner to access all SSM parameters. I know, the * was there before, but I think we should fix this now.
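
A check for the two problems raised in this thread (a statement without a valid resource, and SSM access granted on `*`), as an added example that is not part of the PR or the module's code. The policy document, parameter name, account ID and the function name `lint_ssm_statements` are constructed for illustration, and the sketch assumes that "not valid" means a missing or empty `Resource`.

```python
import json

# Constructed sample, not the module's template: one scoped statement, one
# with an empty Resource, one that grants every SSM parameter.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "ReadToken", "Effect": "Allow",
   "Action": ["ssm:GetParameter", "ssm:GetParameters"],
   "Resource": "arn:aws:ssm:eu-west-1:111122223333:parameter/example/runner-token"},
  {"Sid": "WriteToken", "Effect": "Allow",
   "Action": "ssm:PutParameter", "Resource": ""},
  {"Sid": "AllParams", "Effect": "Allow",
   "Action": "ssm:*", "Resource": "*"}
]}
""")


def _as_list(value):
    """IAM accepts a single value or a list for Statement, Action, Resource."""
    if value is None:
        return []
    return [value] if isinstance(value, (str, dict)) else list(value)


def lint_ssm_statements(policy):
    """Return (sid, problem) pairs for Allow statements that touch SSM."""
    findings = []
    for index, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        actions = [a.lower() for a in _as_list(stmt.get("Action"))]
        if not any(a == "*" or a.startswith("ssm:") for a in actions):
            continue
        sid = stmt.get("Sid", f"statement[{index}]")
        resources = [r for r in _as_list(stmt.get("Resource")) if r.strip()]
        if not resources and "NotResource" not in stmt:
            findings.append((sid, "missing or empty Resource"))
        for res in resources:
            # "*" and ".../parameter/*" both expose every parameter.
            if res == "*" or res.endswith(":parameter/*"):
                findings.append((sid, f"unscoped Resource {res!r}"))
    return findings


if __name__ == "__main__":
    for sid, problem in lint_ssm_statements(SAMPLE_POLICY):
        print(f"{sid}: {problem}")
```

Run against the rendered policy JSON (for example from a plan output) before applying, so an unscoped or empty resource is caught in review rather than at apply time.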