One Service Account for several roles?


We are using Qovery to deploy a script on a S3 bucket. Hence, we needed a role with limited permissoins on a specific S3 bucket. Following the Use AWS IAM roles with Qovery, we made it work.

Hence, we currently have two services for this task: a service account (SA) service, and a deployment lifecycle service.

Now, we would need a second role in our environment. We could probably create a second SA service for this task, but I’m wondering if there is a way to re-use the existing one, just changing the security.service_account_name advanced settings on the consumers?

How would the sa.yaml file look like if we need to propose different roles, as we have a single role-arn property:

    annotations: $AWS_ROLE_ARN


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.