This repository was archived by the owner on Apr 2, 2020. It is now read-only.
This repository was archived by the owner on Apr 2, 2020. It is now read-only.
Ability to provide existing role #10
Description
Issue: Getting
AccessDenied: User: arn:aws:sts::XXXXXXXXXXXXXX:assumed-role/XXXXXXXX is not authorized to perform: iam:CreateRole on resource: arn:aws:iam::XXXXXXXXXX:role/<RANDOM_NAME>
I think it is ideal to provide an ability for specifying a role name that already exists.
In certain organizations the role creation might have restriction.
Ex: Allow creation of new roles only if a standard permission boundary is attached to it.
In those lines custom role creation will always run into issues.. So if an IAM role is provided, on the fly role creation should be skipped and provided role should be attached to the resources.
@eahefnawy Thoughts ?