feat: attach extra iam policies #37
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* enable datadog -> s3 logs archiving * use tf 0.12 * Provider source not supported in Terraform v0.12 Co-authored-by: Toni Mauno <toni.mauno@gofore.com>
Co-authored-by: Toni Mauno <toni.mauno@gofore.com>
* feat: changes dd lambda default version from v3.17.0 to v3.27.0 change the datadog lambda forwarder version from v3.17.0 to v3.27.0. There are many feature improvements in this version such as the support for SNS topic subscriptions for S3 bucket events * fix: Add missing cloudwatch:ListMetrics access for AWS integration (scribd#27) * chore(release): 2.0.1 [skip ci] ## [2.0.1](scribd/terraform-aws-datadog@v2.0.0...v2.0.1) (2021-01-22) ### Bug Fixes * Add missing cloudwatch:ListMetrics access for AWS integration ([scribd#27](scribd#27)) ([f7c80c2](scribd@f7c80c2)) * chore(release): 2.1.0 [skip ci] # [2.1.0](scribd/terraform-aws-datadog@v2.0.1...v2.1.0) (2021-03-16) ### Features * changes dd lambda default version from v3.17.0 to v3.27.0 ([8e455a8](scribd@8e455a8)) * feat: enable support for terraform 0.14 * chore(release): 2.2.0 [skip ci] # [2.2.0](scribd/terraform-aws-datadog@v2.1.0...v2.2.0) (2021-03-19) ### Features * enable support for terraform 0.14 ([c65a0d0](scribd@c65a0d0)) * feat: enable support for Terraform 1.0 (scribd#32) * chore(release): 2.3.0 [skip ci] # [2.3.0](scribd/terraform-aws-datadog@v2.2.0...v2.3.0) (2021-07-14) ### Features * enable support for Terraform 1.0 ([scribd#32](scribd#32)) ([5410502](scribd@5410502)) * bug: fix datadog IAM policy to prevent numerous CloudTrail errors for v2 * chore(release): 2.3.1 [skip ci] ## [2.3.1](scribd/terraform-aws-datadog@v2.3.0...v2.3.1) (2021-08-17) ### Bug Fixes * Merge pull request [scribd#35](scribd#35) from scribd/taylorsmcclure/fix-iam-policy-v2 ([7bf7868](scribd@7bf7868)) Co-authored-by: Taylor McClure <taylor@scribd.com> Co-authored-by: Rusty Chain <rchain@axs.com> Co-authored-by: semantic-release-bot <semantic-release-bot@martynus.net> Co-authored-by: Jim Park <jimp@scribd.com> Co-authored-by: Andrew Wiggins <59580098+andrew-wiggins@users.noreply.github.com>
|
Thanks @bcha, this looks good! |
github-actions bot
pushed a commit
that referenced
this pull request
Aug 25, 2021
# [2.4.0](v2.3.1...v2.4.0) (2021-08-25) ### Features * attach extra iam policies ([#37](#37)) ([8411cad](8411cad))
|
🎉 This PR is included in version 2.4.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
adds datadog-core-attach-extras, a simple feature to just allow extra policies to be attached to the core integration role. we've been using this for like over 6 months in a fork with the datadog s3 log archive functionality, which uses the same role as the core integration & requires some extra s3 permissions.
i'm not personally aware of other similarish cases where the core role would need some extra permissions, but if there are any then this can be used for those too
plus fix some terraform fmt issues while at it