Feature request: more flexible local group assignment
mluypaert opened this issue · comments
mluypaert commented
Current local group management is limited to assigning local groups to all users through
the LOCAL_GROUPS
config. This however does not allow select IAM groups to be assigned to certain local user groups. Also, once assigned a group, this group is currently maintain on config changes because of the fix for issue #56 implemented in commit 3150a27.
I implemented this feature in pull request #151:
- Through the use of a JSON string that can be define directly in the config file, or through the use of a EC2-tag, (users in) select IAM-groups can be assigned to select local groups
- Since this feature can also be used to fix #56 (option 3 in the issue description is implemented here), assigned groups can now automatically be removed from users once a user is no longer defined as part of a local group, allowing for more flexible and cleaner group assignments.