Skip to content

Commit

Permalink
MESG-2810 Allow customizing trust relationships on roles (#3)
Browse files Browse the repository at this point in the history
  • Loading branch information
@NikolayMetchev
NikolayMetchev authored Sep 16, 2024
1 parent 88c49b1 commit 0712a7f
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 0 deletions.
6 changes: 6 additions & 0 deletions iam.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,12 @@ data "aws_iam_policy_document" "assume_role" {
identifiers = principals.value.identifiers
}
}

condition {
test = "ForAnyValue:StringLike"
variable = "aws:SourceArn"
values = var.trusted_entities_assume_role_source_arns
}
}

dynamic "statement" {
Expand Down
6 changes: 6 additions & 0 deletions variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -596,6 +596,12 @@ variable "trusted_entities" {
default = []
}

variable "trusted_entities_assume_role_source_arns" {
description = "List of additional trusted entities for assuming Lambda Function role (trust relationship) with source ARNs"
type = list(string)
default = []
}

variable "assume_role_policy_statements" {
description = "Map of dynamic policy statements for assuming Lambda Function role (trust relationship)"
type = any
Expand Down

0 comments on commit 0712a7f

Please sign in to comment.