The Security Reference Architecture (SRA) implements typical security features as Terraform Templates that are deployed by most high-security organizations, and enforces controls for the largest risks that customers ask about most often.
Other
57
stars
27
forks
source link
[AWS] [Investigating] Self-assume role trust policy #37
After testing - it seems like this will work if the assume role is in the trust policy and in the role policy, if you remove the latter then it will not work. So closing for now
https://github.com/databricks/terraform-databricks-sra/blob/45e5e50a81f2741b5407d37c6a74654db63472bc/aws/tf/modules/sra/databricks_account/uc_init/unity_catalog_creation.tf#L25
Verifying that this does in fact work given the change to self-assume IAM policies or if this needs to be changed