Skip to content

[v10] Add AWS Roles to the buildbox pipeline #17296

Merged
wadells merged 2 commits into
branch/v10from
walt/v10-fix-role-assumption
Oct 11, 2022
Merged

[v10] Add AWS Roles to the buildbox pipeline #17296
wadells merged 2 commits into
branch/v10from
walt/v10-fix-role-assumption

Conversation

@wadells
Copy link
Copy Markdown
Contributor

@wadells wadells commented Oct 11, 2022
edited
Loading

Backports #17274 to v10

This fixes the buildbox pipeline error seen here:

An error occurred (AccessDeniedException) when calling the GetAuthorizationToken operation: User: arn:aws:iam::146628656107:user/teleport_build_user_read_only is not authorized to perform: ecr-public:GetAuthorizationToken on resource: * because no identity-based policy allows the ecr-public:GetAuthorizationToken action

https://drone.platform.teleport.sh/gravitational/teleport/16333/10/4

Contributes to https://github.com/gravitational/SecOps/issues/213.

Testing

See #17274

@wadells
Add AWS Roles to the buildbox pipeline
3a66fe3
@wadells
Fix AWS Roles in tagPackagePipelines
75a78b1 
These were broken, as I didn't realize that the build step needed AWS
access to fetch the buildbox.
@wadells wadells enabled auto-merge (squash) October 11, 2022 18:47
@wadells wadells merged commit 6ab3535 into branch/v10 Oct 11, 2022
@github-actions github-actions Bot removed the request for review from logand22 October 11, 2022 18:48
@wadells wadells mentioned this pull request Oct 11, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@r0mant r0mant r0mant approved these changes

+1 more reviewer

@reedloden reedloden reedloden approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

backport

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@wadells @r0mant @reedloden