Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: Support additional_policy in post_deployments Section #5939

Open
ZeeshanZubair2 opened this issue Sep 10, 2024 · 1 comment
Open

Feature Request: Support additional_policy in post_deployments Section #5939

ZeeshanZubair2 opened this issue Sep 10, 2024 · 1 comment
Labels
type/enhancement Issues that are improvements for existing features. type/feature Issues that are new feature requests. type/request Issues that are created by customers.

Comments

@ZeeshanZubair2
Copy link

Description

I would like to request support for the additional_policy property in the post_deployments section of the pipeline manifest. This enhancement would allow users to specify additional IAM policies for tasks executed after deployments, offering greater flexibility and control over permissions during the post-deployment phase.

Proposed Code Snippet:

Here is an example of how the additional_policy property can be utilized in the post_deployments section:

  update_migration_service:
    buildspec: /post-deploy-buildspec.yml
    additional_policy:
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Action:
              - ecs:ListClusters
              - ecs:ListServices
              - ecs:UpdateService
            Resource: '*'
    depends_on: [service_name]

Use Case:

In scenarios where post-deployment tasks require specific permissions not covered by the default policies, users would benefit from the ability to specify additional IAM policies. For instance, when updating ECS services or interacting with other AWS resources, tailored permissions can be crucial for successful execution.
@ZeeshanZubair2 ZeeshanZubair2 added type/enhancement Issues that are improvements for existing features. type/feature Issues that are new feature requests. type/request Issues that are created by customers. labels Sep 10, 2024
@KollaAdithya
Copy link
Contributor

Hello @ZeeshanZubair2 !

Can you use copilot pipeline override feature that will help you to add an new policy

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type/enhancement Issues that are improvements for existing features. type/feature Issues that are new feature requests. type/request Issues that are created by customers.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@KollaAdithya @ZeeshanZubair2