Feature request: add Condition variable #15

Almenon · 2023-06-16T22:38:44Z

Using AWS IAM Identity Center is best practice according to AWS for assigning out permissions. However, it creates roles with unique names. To avoid having to hardcode unique names everywhere, AWS says you can use a condition with a wildcard in your trust policy. However, terraform-aws-eks-blueprints-teams does not support that currently.

If this repo added support that would make our code a lot cleaner and more maintainable, as we wouldn't have to have hardcoded AWS role names for each AWS account.

For reference see bottom of https://docs.aws.amazon.com/singlesignon/latest/userguide/referencingpermissionsets.html

bryantbiggs · 2023-06-16T23:03:56Z

I think that sounds like a reasonable change - we'll add this to the list, thank you!

Almenon · 2023-08-21T17:00:22Z

Thanks @bryantbiggs !

bryantbiggs added the enhancement New feature or request label Jun 16, 2023

askulkarni2 added this to EKS Blueprints Jun 19, 2023

askulkarni2 moved this to Todo in EKS Blueprints Jun 19, 2023

askulkarni2 removed the status in EKS Blueprints Jun 19, 2023

askulkarni2 added the teams label Jun 28, 2023

bryantbiggs mentioned this issue Aug 15, 2023

feat: Add support for conditionally passing role wildcards to IRSA trust policy #19

Merged

3 tasks

rodrigobersa closed this as completed in #19 Aug 16, 2023

bryantbiggs moved this to Done in EKS Blueprints Dec 3, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Feature request: add Condition variable #15

Feature request: add Condition variable #15

Almenon commented Jun 16, 2023

bryantbiggs commented Jun 16, 2023

Almenon commented Aug 21, 2023

Feature request: add Condition variable #15

Feature request: add Condition variable #15

Comments

Almenon commented Jun 16, 2023

bryantbiggs commented Jun 16, 2023

Almenon commented Aug 21, 2023