Page MenuHomePhabricator
Differential D8635

[services][terraform] Set up IAM for feature-flags service
ClosedPublic
Actions

Authored by bartek on Jul 26 2023, 2:08 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Nov 5, 7:31 AM
Unknown Object (File)
Tue, Nov 5, 7:31 AM
Unknown Object (File)
Tue, Nov 5, 7:31 AM
Unknown Object (File)
Tue, Nov 5, 7:31 AM
Unknown Object (File)
Tue, Nov 5, 7:28 AM
Unknown Object (File)
Fri, Nov 1, 4:36 PM
Unknown Object (File)
Fri, Nov 1, 4:36 PM
Unknown Object (File)
Fri, Nov 1, 4:30 PM
View All Files
Subscribers
ashoat

Details

Reviewers
tomek
michal
jon
varun
Commits
rCOMM5011835a4474: [services][terraform] Set up IAM for feature-flags service
Summary

Sets up IAM for feature-flags service. Also this is example of how to set up IAM to give minimum required permissions to a service.

Created a role that:

  • Can be assumed by EC2 instances and ECS tasks - basically they are allowed to use it
  • Allows read operations on feature-flags DDB table

Depends on D8583

Test Plan

Tested together with next diff - they're live on AWS now.

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
services/
terraform/
remote/
53 lines

Diff 29259

View Options

services/terraform/remote/aws_iam.tf

Loading...