You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Role is actually required in the 3 policies examples at https://cloudcustodian.io/docs/policy/lambda.html so it would help beginners to include the role example from the config rule example in the first three policies as well. In addition, it would also help beginners to show some minimal IAM policy for that role that would at least allow documentation examples to run.
The text was updated successfully, but these errors were encountered:
Right, I think it should be clarified as well that the --assume-role option in the custodian run cli command will also be picked up as the role if no role is given in the policy file
Role is only required if not doing assume role on cli. The error msg should
make that clear, but noted on the experience. We could produce an iam
role/policy gen script from the annotations on various filters and actions
however, without functional test harnesses that exercise them we’ll have
some gaps exposed I suspect, still perfect should not be the enemy of the
good. I’ll pr a for a script in tools/ops for it.
On Wed, Dec 19, 2018 at 1:08 PM Sonny ***@***.***> wrote:
Right, I think it should be clarified as well that the --assume-role
option in the custodian run cli command will also be picked up as the role
if no role is given in the policy file
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#3262 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AABUkvgTb_Q-uo--VqFccI75jUtKLeMZks5u6oCfgaJpZM4ZZvsY>
.
Role is actually required in the 3 policies examples at https://cloudcustodian.io/docs/policy/lambda.html so it would help beginners to include the role example from the config rule example in the first three policies as well. In addition, it would also help beginners to show some minimal IAM policy for that role that would at least allow documentation examples to run.
The text was updated successfully, but these errors were encountered: