Closed ronaldtse closed 6 years ago
Good idea, 👍
@ronaldtse it would be great if you have a sample usage in mind?
Uploaded in #2
@ronaldtse the python API can help to do mapping user-group. So we are able to do dynamic authenticate users-groups. How about this config sample?
[
{
"group_names": ["group1", "group2"],
"user_names": ["user1", "user2"],
"region_name": "us-west-1"
},
{
"group_names": ["group3"],
"user_names": ["user1"],
"region_name": "us-west-2"
}
]
Yes this is good -- I somehow missed the users... Using Python API is good too. Thanks, let's proceed!
@phuonghuynh any updates so far? Thanks!
Creating/cleaning fake policies to persist timestamp. The usage will be changed a bit. PR will be submitted soon.
We need to keep in mind that there are limitations on IAM Entities including Policies, https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html
Good to know, we're very eager to use it. Thanks!
We're going to share lots of code with https://github.com/riboseinc/terraform-aws-authenticating-secgroup . Not sure if we can extract some generalized framework from it, but at least it's straightforward to do 👍