Skip to content

Add IAM tagging support for iam_user roles in AWS secret engine#10953

Merged
Valarissa merged 4 commits into
masterfrom
add_iam_tag_support
Feb 26, 2021
Merged

Add IAM tagging support for iam_user roles in AWS secret engine#10953
Valarissa merged 4 commits into
masterfrom
add_iam_tag_support

Conversation

@Valarissa
Copy link
Copy Markdown

@Valarissa Valarissa commented Feb 19, 2021

This PR seeks to introduce the ability to add tags to user credentials generated by the AWS secret engine.

Details in usage are provided in the docs that have been updated with this feature, however, for ease of use, the following is an example of adding two tags to a role:

vault write aws/roles/my-role \
credential_type=iam_user \
iam_tags=test_key=test_value \
iam_tags=test_key2=test_value2 \
policy_document=-<<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "ec2:*",
      "Resource": "*"
    }
  ]
}
EOF

@vercel vercel Bot temporarily deployed to Preview – vault-storybook February 22, 2021 16:55 Inactive
kalafut
kalafut reviewed Feb 22, 2021
View reviewed changes
Comment thread builtin/logical/aws/backend_test.go Outdated
kalafut
kalafut reviewed Feb 22, 2021
View reviewed changes
Comment thread builtin/logical/aws/path_roles.go Outdated
kalafut
kalafut reviewed Feb 22, 2021
View reviewed changes
Comment thread builtin/logical/aws/secret_access_keys.go Outdated
kalafut
kalafut reviewed Feb 22, 2021
View reviewed changes
Comment thread builtin/logical/aws/secret_access_keys.go Outdated
@vercel vercel Bot temporarily deployed to Preview – vault-storybook February 22, 2021 23:33 Inactive
@vercel vercel Bot temporarily deployed to Preview – vault February 22, 2021 23:33 Inactive
pcman312
pcman312 reviewed Feb 23, 2021
View reviewed changes
Comment thread builtin/logical/aws/backend_test.go Outdated
Comment thread builtin/logical/aws/path_roles.go
Comment thread builtin/logical/aws/secret_access_keys.go Outdated
Comment thread website/content/api-docs/secret/aws.mdx
@vercel vercel Bot temporarily deployed to Preview – vault-storybook February 24, 2021 23:27 Inactive
Lauren Voswinkel added 4 commits February 25, 2021 15:36
Added support for iam_tags for AWS secret roles
4e4d4a0 
This change allows iam_users generated by the secrets engine
to add custom tags in the form of key-value pairs to users
that are created.
Add docs for using iam_tags
c72f80d
Minor adjustments
2809939
Docs changes and some other minor fixes
ff493ec
@vercel vercel Bot temporarily deployed to Preview – vault-storybook February 25, 2021 23:36 Inactive
@Valarissa Valarissa merged commit eece14e into master Feb 26, 2021
Valarissa pushed a commit that referenced this pull request Mar 10, 2021
Add changelog entry for #10953
6ee2053
Valarissa pushed a commit that referenced this pull request Mar 10, 2021
Add changelog entry for #10953 (#11077)
347ac08
Valarissa pushed a commit that referenced this pull request Mar 10, 2021
Add changelog entry for #10953 (#11077)
6037fc0
Valarissa pushed a commit that referenced this pull request Mar 11, 2021
Add changelog entry for #10953 (#11077) (#11079)
1f685ca
@nicholaswold nicholaswold mentioned this pull request Apr 6, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@catsby catsby Awaiting requested review from catsby

@calvn calvn Awaiting requested review from calvn

@austingebauer austingebauer Awaiting requested review from austingebauer

2 more reviewers

@kalafut kalafut kalafut left review comments

@pcman312 pcman312 pcman312 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Valarissa @pcman312 @kalafut