Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IAM role notes for various KMS cloud APIs #295

Merged
merged 4 commits into from
Jan 10, 2024
Merged

IAM role notes for various KMS cloud APIs #295

merged 4 commits into from
Jan 10, 2024

Conversation

tashian
Copy link
Contributor

@tashian tashian commented Jan 9, 2024
edited
Loading

@tashian tashian requested a review from a team as a code owner January 9, 2024 23:55
maraino
maraino requested changes Jan 10, 2024
View reviewed changes
Copy link
Contributor

@maraino maraino left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can get rid of the *list roles. This also doesn't fix the issue mentioned, as it is specifically for step-kms-plugin that can create keys.

step-ca/configuration.mdx Outdated Show resolved Hide resolved
step-ca/configuration.mdx Outdated Show resolved Hide resolved
step-ca/configuration.mdx Show resolved Hide resolved
step-ca/configuration.mdx Show resolved Hide resolved
maraino
maraino reviewed Jan 10, 2024
View reviewed changes
Copy link
Contributor

@maraino maraino left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM: It's clear in the docs that this is for step-ca.

It would be nice to make sure this works and also add the roles for step-kms-plugin

@tashian
Copy link
Contributor Author

tashian commented Jan 10, 2024

@maraino I'll add roles for step-kms-plugin in a separate PR.
Could you approve this PR?
It's still saying changes requested.

@tashian tashian merged commit 711e272 into main Jan 10, 2024
2 checks passed
@tashian tashian deleted the carl/kms-iam-notes branch January 10, 2024 18:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maraino maraino maraino approved these changes

@hslatman hslatman Awaiting requested review from hslatman

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Document required IAM permissions for AWS KMS (but also for other providers)
2 participants
@tashian @maraino