e1a432a167
Allows vault roles to be associated with IAM groups in the AWS secrets engine, since IAM groups are a recommended way to manage IAM user policies. IAM users generated against a vault role will be added to the IAM Groups. For a credential type of `assumed_role` or `federation_token`, the policies sent to the corresponding AWS call (sts:AssumeRole or sts:GetFederation) will be the policies from each group in `iam_groups` combined with the `policy_document` and `policy_arns` parameters. Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com> |
||
|---|---|---|
| .. | ||
| cmd/aws | ||
| backend.go | ||
| backend_test.go | ||
| client.go | ||
| iam_policies.go | ||
| iam_policies_test.go | ||
| path_config_lease.go | ||
| path_config_root.go | ||
| path_config_root_test.go | ||
| path_config_rotate_root.go | ||
| path_roles.go | ||
| path_roles_test.go | ||
| path_user.go | ||
| rollback.go | ||
| secret_access_keys.go | ||
| secret_access_keys_test.go | ||