v0.19.0

IAM Role name length limit @goruha (#58)

what

• Fix IAM role name length limit

why

• Fix IAM role name length limited to 64

Sync github @max-lobur (#54)

Rebuild github dir from the template

v0.18.0

• No changes

v0.17.0

Update main.tf @karinatitov (#50)

have a chance to configure the name of the policy

what

• With this change i want to have an ability to provide a custom name for the policy

why

• the resources i'm working with were not created in the same way this module assumes
• to have a chance to configure the name of the policy

git.io->cloudposse.tools update @dylanbannon (#46)

what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.

References

• DEV-143

v0.16.2

🚀 Enhancements

Add enabled check to data source @nitrocode (#45)

what

• Add enabled check to data source
• Add TestExamplesCompleteDisabled check

why

• Prevent creation if enabled is false

references

• cloudposse/terraform-aws-s3-bucket#148

v0.16.1

🚀 Enhancements

Disabling all tags in all iam resources @jamengual (#44)

what

• In #43 I added the option to disable role tags but in environments where roles are created under very strict controls, the policy tags for the roles sometimes can't be tagged. This change disable tags for all IAM related resources.

why

• to disable tags for role-related things. Use one variable instead of two.

references

• #43

v0.16.0

Making tags for roles optional @jamengual (#43)

what

• Make role tags optional

why

• Restrictive policy boundaries do not allow tag roles in highly secure environments.

v0.15.0

allow to set role and policy path @1david5 (#40)

what

• Add path argument to role and policy resources

why

• Allow users to set path for role and policy

v0.14.1

Fix: Fix Variable Description Typo for `var.use_fullname` @korenyoni (#36)

what

• Fix variable description typo introduced in #35 for var.use_fullname

why

• Minor typo (unmatched right bracket).

references

• #35

Drop unused null provider @Xerkus (#34)

what

• Drop hashicorp/null provider from dependencies

why

• As far as I can tell the null provider is not used and I do not think it is needed for any kind of indirect dependency
• I think it was needed at some point for terraform-null-label

references

• Closes #31

Fix: fix variable description for `var.use_fullname`, run `make github/init` @korenyoni (#35)

what

• Fix variable description for var.use_fullname.
• Run make github/init.

why

• The var.use_fullname variable description is incorrect and refers to ECR repositories instead of IAM roles.
• Running make github/init will update GHA-workflow related files (and CODEOWNERS), the former of which is required for the no-release label (which allows for consolidating multiple small PRs such as this into one release).

references

• N/A

🚀 Enhancements

Add tags to policy @nitrocode (#37)

what

• Add tags to policy

why

• Tag it all

references

N/A

v0.14.0

Add assume role policy conditions and managed iam policies @sebastianmacarescu (#33)

what

• option to attach AWS Managed IAM policies to created role
• option to add conditions to trust policy

why

• we should be able to use aws managed policies (or any other policies) and not create new ones dedicated for this role
• we should be able to add conditions on who can assume this role (mfa enabled, be part of organization, specific session name, etc)

references

• closes #24
• documentation for conditions: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document
• documentation for conditions in trust role policies: https://aws.amazon.com/blogs/security/how-to-use-trust-policies-with-iam-roles/

v0.13.0

Add permissions_boundary as a variable @mmorejon (#30)

what

• Add permissions_boundary as a parameter

why

• This parameter is missing in the module as an option.

references

• iam_role#permissions_boundary

Signed-off-by: Manuel Morejon manuel@mmorejon.io