feat: allow adding more trusted principals to task role #155

parmouraly
Contributor

Description

Extra input variable to allow module users to optionally define extra principals that can assume the task role.
Apart from the main module code and documentation, the example is also updated to showcase how the new variable can be used.

Motivation and Context

At the moment, the only trusted entity to assume the task role is the absolute minimum ecs-tasks.amazonaws.com.
However sometimes it's convenient to allow adding more principals.
For example in order to allow easy SSM access into the Fargate task, ssm.amazonaws.com should be trusted too.

Breaking Changes

No breaking changes. Just adding an optional input variable.

How Has This Been Tested?

From my project downstream, I have referenced this PR branch and applied my infrastructure. It works as expected.

At the moment, the only trusted entity to assume the task role
is the absolute minimum ecs-tasks.amazonaws.com
However sometimes it's convenient to add more principals.
For example in order to allow easy SSM access into the Fargate
task, ssm.amazonaws.com should be trusted too.

This commit allows module users to optionally define extra principals
that can assume the task role.
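
A review-time check for the change described above, as an added example that is not part of the pull request or the module: it lists every principal that a role's trust policy allows to assume the role beyond ecs-tasks.amazonaws.com. The function names and the sample policy are constructed for illustration.

```python
import json

# Baseline from the PR description: only the ECS tasks service is trusted by default.
BASELINE = {("Service", "ecs-tasks.amazonaws.com")}
# Exact action names checked here; other wildcard patterns are not expanded.
ASSUME_ACTIONS = {"sts:assumerole", "sts:*", "*"}

def _as_list(value):
    """IAM accepts a single string or object wherever a list is accepted."""
    return value if isinstance(value, list) else [value]

def trusted_principals(policy_json):
    """Return the set of (type, identifier) pairs allowed to assume the role."""
    found = set()
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if not actions & ASSUME_ACTIONS:
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":  # bare wildcard form: anyone
            found.add(("*", "*"))
            continue
        for ptype, ids in principal.items():
            found.update((ptype, i) for i in _as_list(ids))
    return found

def extra_principals(policy_json, baseline=BASELINE):
    """Principals trusted beyond the baseline, sorted for stable review output."""
    return sorted(trusted_principals(policy_json) - baseline)

# Constructed sample: a trust policy matching the SSM use case in the description.
SAMPLE = json.dumps({
    "Version": "2012-10-17",
    "Statement": {
        "Effect": "Allow",
        "Action": "sts:AssumeRole",
        "Principal": {"Service": ["ecs-tasks.amazonaws.com", "ssm.amazonaws.com"]},
    },
})

if __name__ == "__main__":
    for ptype, ident in extra_principals(SAMPLE):
        print(f"extra trusted principal: {ptype}={ident}")
```
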
@parmouraly parmouraly marked this pull request as draft September 2, 2020 09:04
@parmouraly
Contributor Author

Hi @antonbabenko 👋
I would like to test this PR before I mark it as ready for review.
At the moment I am using this module with
source = "terraform-aws-modules/atlantis/aws"

Is it possible for me to change this source path so I can reference my branch?
I have tried unsuccessfully something like
source = "git::ssh://github.com/parmouraly/terraform-aws-atlantis.git?ref=feature/extra-trusted-entities"

Any help would be appreciated thanks!

@antonbabenko
Member

Should work like this - source = "git::git@github.com:parmouraly/terraform-aws-atlantis.git?ref=feature/extra-trusted-entities"

@parmouraly parmouraly marked this pull request as ready for review September 7, 2020 16:08
@parmouraly
Contributor Author

@antonbabenko are you waiting for anything from me on this, or can we merge please?

Member

@antonbabenko antonbabenko left a comment

Looks good, a minor comment before I can merge.

@antonbabenko antonbabenko merged commit 7aed8dc into terraform-aws-modules:master Dec 10, 2020
@antonbabenko
Member

Thanks!

v2.27.0 has just been released.

@parmouraly parmouraly deleted the feature/extra-trusted-entities branch December 23, 2020 15:56
@github-actions

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 10, 2022