terragrunt icon indicating copy to clipboard operation
terragrunt copied to clipboard

Published 20 hours ago verified publisher icon gruntwork-io

feat: Add support for all the assume-role attributes in the S3 remote state block

Open asvinours opened this issue 2 years ago • 1 comments

Describe the solution you'd like

Add support for extra assume-role attributes for S3 remote_state backend.

Right now it looks like terragrunt supports role_arn, external_id and session_name but not the session duration, the session policy nor the session tags attributes.

terraform s3 backend documentation: https://developer.hashicorp.com/terraform/language/settings/backends/s3#assume-role-configuration

Describe alternatives you've considered

One alternative is to not use the terragrunt remote_state block and use a generate block and generate a terraform file for the backend configuration. Although doing this takes away the automatic deployment of the S3 bucket and dynamoDB table.

asvinours avatar Oct 04 '23 14:10 asvinours

Additionally, assume_role_with_web_identity is not supported either. I am currently working around this by generating a ~/.aws/config file.

fe-ax avatar May 02 '24 13:05 fe-ax

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for raising this issue.

github-actions[bot] avatar Sep 28 '24 02:09 github-actions[bot]