-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added support of assume roles from profiles and the load of parameters from parent profile #1092
Conversation
…ters from parent profile
About the failed test... I'm not sure how the following error is related to my changes...
|
On the test failure, I agree that I don't think it's your change. |
So, I want to make a master issue for this soon, but we're currently figuring out the correct approach for supporting these features across SDKs in a consistent way. There's probably going to be a delay in pulling this in while we are figuring it out, but we're not ignoring this. |
Guys, do you have any updates? |
Any news? This feature is a must. |
profile['aws_access_key_id'], | ||
profile['aws_secret_access_key'], | ||
profile['aws_session_token'] | ||
) | ||
@credentials = if role_arn = profile['role_arn'] | ||
AssumeRoleCredentials.new( | ||
role_session_name: [*('A'..'Z')].sample(16).join, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
random name seems a bit strange ... how about "assumed-#{profile_name}-#{ENV['USER']}"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually you propose the cosmetic change. :) If this one is only blocker I'll do it ;)
@trevorrowe could you comment on mergability / what is missing ? |
We're closing in on how we want to approach this. One change will be that some of these changes may be gated by an environment variable - anything that would risk possible backwards incompatibility. Will be keeping this open in the meantime, the intention is to merge this or to otherwise implement this. |
I'd suggest a credentials setting itself On Thu, Mar 31, 2016 at 9:55 AM, Alex Wood [email protected] wrote:
|
That's actually an interesting approach I hadn't considered. I'll definitely add that to the discussion we're having about broadening this support - I agree that also solves the problem. Would likely be implemented as |
Thank you for this. We're moving forward, but I'm going to use #1132 as the main PR for this since you're doing essentially the same thing, and that PR is slightly further along. Let's move the conversation there. |
List of changes:
We can create the aws cli syntax compatible tool by use these changes, for example:
UPD: This change the mostly the same to #998. But I found it a too late, when my changes were ready to commit ;)