This repository was archived by the owner on Nov 8, 2021. It is now read-only.
Feature request: more flexible local group assignment #152
Description
Current local group management is limited to assigning local groups to all users through
the LOCAL_GROUPS config. This however does not allow select IAM groups to be assigned to certain local user groups. Also, once assigned a group, this group is currently maintain on config changes because of the fix for issue #56 implemented in commit 3150a27.
I implemented this feature in pull request #151:
- Through the use of a JSON string that can be define directly in the config file, or through the use of a EC2-tag, (users in) select IAM-groups can be assigned to select local groups
- Since this feature can also be used to fix import_iam_users stripping users of groups manually added from *NIX shell #56 (option 3 in the issue description is implemented here), assigned groups can now automatically be removed from users once a user is no longer defined as part of a local group, allowing for more flexible and cleaner group assignments.