Feature request: Support Permission Boundaries
Closed this issue · 3 comments
andyrepton commented
We have customers who have restrictions in place that the operator and account roles cannot be created without having a permissions boundary. This is supported in the aws_iam_role but not available via the module yet.
Scorpiion commented
I work together with @Seth-Karlo in the Red Hat EMEA Black Belt team. I just wanted to add that this is supported in the rosa cli:
```
$ rosa create operator-roles --help
....
Examples:
  # Create operator roles with a specific permissions boundary
  rosa create operator-roles -c mycluster --permissions-boundary arn:aws:iam::123456789012:policy/perm-boundary
Flags:
...
      --permissions-boundary string   The ARN of the policy that is used to set the permissions boundary for the operator roles.
...
```
We would like to use this same feature in Terraform.
andyrepton commented
Thanks very much!
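A pre-apply check for the restriction described in this issue, as an added example that is not part of the thread or of the module's code: it reads the JSON produced by `terraform show -json <planfile>` and lists `aws_iam_role` resources that would be created without a permissions boundary. The resource addresses and role names in the sample plan are constructed; the boundary ARN is the one from the rosa help text above.

```python
import json

BOUNDARY = "arn:aws:iam::123456789012:policy/perm-boundary"

def _rc(address, rtype, actions, after, unknown=None):
    # Build one entry in the shape of plan["resource_changes"][i].
    return {"address": address, "type": rtype,
            "change": {"actions": actions, "after": after,
                       "after_unknown": unknown or {}}}

# Constructed sample plan (not taken from a real cluster).
SAMPLE_PLAN = json.dumps({"resource_changes": [
    _rc("aws_iam_role.operator_ingress", "aws_iam_role", ["create"],
        {"name": "operator-ingress", "permissions_boundary": None}),
    _rc("aws_iam_role.account_installer", "aws_iam_role", ["create"],
        {"name": "account-installer", "permissions_boundary": BOUNDARY}),
    _rc("aws_iam_role.operator_storage", "aws_iam_role", ["create"],
        {"name": "operator-storage"}, {"permissions_boundary": True}),
    _rc("aws_iam_role.existing", "aws_iam_role", ["no-op"],
        {"name": "existing", "permissions_boundary": None}),
    _rc("aws_iam_policy.perm_boundary", "aws_iam_policy", ["create"],
        {"name": "perm-boundary"}),
]})

def roles_missing_boundary(plan_json, required_arn=None):
    """Return addresses of IAM roles the plan would create without a
    permissions boundary, or with one other than required_arn if given."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change", {})
        if rc.get("type") != "aws_iam_role":
            continue
        if "create" not in change.get("actions", []):
            continue  # only newly created (or replaced) roles are in scope
        if (change.get("after_unknown") or {}).get("permissions_boundary") is True:
            continue  # value is only known at apply time; cannot judge here
        boundary = (change.get("after") or {}).get("permissions_boundary")
        if not boundary or (required_arn and boundary != required_arn):
            findings.append(rc["address"])
    return findings

if __name__ == "__main__":
    for address in roles_missing_boundary(SAMPLE_PLAN, BOUNDARY):
        print(f"missing or wrong permissions boundary: {address}")
```

Roles whose boundary is computed at apply time are skipped rather than flagged, so they need a separate check after the apply.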