feat: add iam-role argument

[a-hat]

Pull Request

Related Github Issues

• [none]

Description

Adds a new argument --iam-role which passes the given role ARN to terragrunt (see https://terragrunt.gruntwork.io/docs/reference/cli-options/#terragrunt-iam-role).

Security Implications

• [none]

System Availability

• [none]

[Almenon]

terragrunt-atlantis-config just generates a config, so it doesn't need a IAM role, but I could be mistaken?

[a-hat]

terragrunt-atlantis-config just generates a config, so it doesn't need a IAM role, but I could be mistaken?

@Almenon Thanks for your feedback! Unfortunately it does. As far as I understand, to generate the config terragrunt is called, which will need to retrieve the terraform state from the remote location. In our case this is a AWS backend, and we need to assume the role to access it.

[Almenon]

I also have a AWS backend. I'm able to generate the config without AWS credentials.

[a-hat]

I also have a AWS backend. I'm able to generate the config without AWS credentials.

If I try to generate the config without the assume role parameter, I get 4xx errors accessing the AWS API. I don't know exactly what terragrunt does, maybe it tries to retrieve outputs of a module from the state.