Background:
The power-user role may have access to change, modify all parts of the
infrastructure except only all IAM related configuration. In certain
situations, like having to modify S3 buckets created by it's own user
the "iam:Get{User,Role,Policy}" permissions become necessary.
This commit grants only those three permission to the power-user role,
or, members of that group.
[X] Update the changelog
[X] Make sure that modules and files are documented. This can be done inside the module and files.
[X] Make sure that new modules directories contain a basic README.md file.
[X] Make sure that the module is added to tests/main.tf
[X] Make sure that the linting passes on CI.
[X] Make sure that there is an up to date example for your code:
For new modules this would entail example code for how to use the module or some explanation in the module readme.
For new examples please provide a README explaining how to run the example. It's also ideal to provide a basic makefile to use the example as well.
[X] Make sure that there is a manual CI trigger that can test the deployment.
Background: The power-user role may have access to change, modify all parts of the infrastructure except only all IAM related configuration. In certain situations, like having to modify S3 buckets created by it's own user the "iam:Get{User,Role,Policy}" permissions become necessary.
This commit grants only those three permission to the power-user role, or, members of that group.
modules
this would entail example code for how to use the module or some explanation in the module readme.