cein/feature/add-iam-permissions-boundary-input

cloudposse / terraform-aws-elasticsearch

Terraform module to provision an Elasticsearch cluster with built-in integrations with Kibana and Logstash.

https://cloudposse.com/accelerate

Apache License 2.0

218 stars 231 forks source link

cein/feature/add-iam-permissions-boundary-input #120

Closed Cein-Markey closed 2 years ago

Cein-Markey commented 2 years ago

what

Add new iam_role_permissions_boundary variable with a default of empty string and place it in aws_iam_role.elasticsearch_user.permissions_boundary

why

This change is to allow users of the API to leverage/set permissions boundaries: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html

"A permissions boundary is an advanced feature for using a managed policy to set the maximum permissions that an identity-based policy can grant to an IAM entity"

Cein-Markey commented 2 years ago

Hey @nitrocode @adamcrews 👋 Just noticed there are some outstanding PRs that have been sat here a while and was wondering if there is an ETA on these. Thanks in advance and apologies for any disturbances.

Gowiem commented 2 years ago

/test all

Gowiem commented 2 years ago

/test all

Gowiem commented 2 years ago

@Cein-Markey thanks for the contribution! Released as 0.34.0!