Feature: Allow users to pass their own IAM roles - Githubissues

cloudposse / terraform-aws-emr-cluster

Terraform module to provision an Elastic MapReduce (EMR) cluster on AWS

https://cloudposse.com/accelerate

Apache License 2.0

72 stars 81 forks source link

Feature: Allow users to pass their own IAM roles #44

Closed tirumerla closed 3 years ago

tirumerla commented 3 years ago

what

Allow flexibility for users to provide their own IAM roles created outside this module.

why

For my use case, enabling encryption on EMR ( see security_configuration variable ) using KMS CMK needs KMS permissions attached to the policies of the service role. This needs to happen before the cluster creation so that cluster can read the certs from s3 & enable at rest encryption using customer specified KMS key.
By allowing this flexibility users can provide their own IAM roles before the cluster is created and enable encryption.

references

Here are more details on EMR encryption

nitrocode commented 3 years ago

/test all

aknysh commented 3 years ago

/test all