Skip to content

Commit

Permalink
prep role for future sso changes
Browse files Browse the repository at this point in the history
  • Loading branch information
@badra001
badra001 committed Mar 18, 2024
1 parent 1396236 commit f88812f
Showing 1 changed file with 19 additions and 8 deletions.
27 changes: 19 additions & 8 deletions examples/full-cluster-tf-upgrade/1.29/role.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,12 +153,23 @@ data "aws_iam_policy_document" "allow_sts" {
]
}
}
## statement {
## sid = "AllowSTSAssumeFromSSO"
## effect = "Allow"
## actions = ["sts:AssumeRole"]
## principals {
## type = "AWS"
## identifiers = [
## format(local.iam_arn, "root"),
## ]
## }
## condition {
## test = "ArnLike"
## variable = "aws:PrincipalArn"
## values = [
## format(local.iam_arn, "role/aws-reserved/sso.amazonaws.com/*/AWSReservedSSO_csvd-sa-sc-developer_*"),
## format(local.iam_arn, "role/aws-reserved/sso.amazonaws.com/AWSReservedSSO_csvd-sa-sc-developer_*"),
## ]
## }
## }
}

# data "aws_iam_policy_document" "cluster-admin_combined"
# source_policy_documents = [
# data.aws_iam_policy_document.allow_sts.json
# data.aws_iam_policy_document.saml_assume.json,
# ]
# }
#

0 comments on commit f88812f

Please sign in to comment.