Skip to content

Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled#50402

Merged
greedy52 merged 5 commits intomasterfrom
STeve/42371_fix_aws_ssm
Jan 6, 2025
Merged

Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled#50402
greedy52 merged 5 commits intomasterfrom
STeve/42371_fix_aws_ssm

Conversation

@greedy52
Copy link
Copy Markdown
Contributor

@greedy52 greedy52 commented Dec 18, 2024

changelog: Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled

fixes #42371

@greedy52 greedy52 requested a review from GavinFrazar December 18, 2024 21:20
@greedy52 greedy52 self-assigned this Dec 18, 2024
@github-actions github-actions Bot added size/sm tsh tsh - Teleport's command line tool for logging into nodes running Teleport. labels Dec 18, 2024
@greedy52 greedy52 force-pushed the STeve/42371_fix_aws_ssm branch from 9a5e929 to 1a7cb42 Compare December 18, 2024 21:22
@greedy52 greedy52 force-pushed the STeve/42371_fix_aws_ssm branch from 1a7cb42 to 3cba873 Compare December 18, 2024 21:47
@GavinFrazar
Copy link
Copy Markdown
Contributor

GavinFrazar commented Dec 18, 2024

nice! I found and started watching this ~2 year old issue in the ssm plugin repo:

If they ever fix it to actually respect AWS_CA_BUNDLE then we'll need to handle it by forwarding to the local proxy again, except we'll have to skip sigv4 signing in the app agent (I think). Or include AWS CAs in our app bundle and keep forwarding to AWS like this PR does.

@greedy52 greedy52 enabled auto-merge January 6, 2025 19:23
@greedy52 greedy52 added this pull request to the merge queue Jan 6, 2025
Merged via the queue into master with commit f650376 Jan 6, 2025
@greedy52 greedy52 deleted the STeve/42371_fix_aws_ssm branch January 6, 2025 19:47
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented Jan 6, 2025

@greedy52 See the table below for backport results.

Branch Result
branch/v15 Failed
branch/v16 Failed
branch/v17 Failed

@greedy52 greedy52 mentioned this pull request Jan 6, 2025
Closed
greedy52 added a commit that referenced this pull request Jan 6, 2025
@greedy52
Fix an issue "tsh aws ssm start-session" fails when KMS encryption is…
18e1633 
… enabled (#50402)

* Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled

* remove httputil dump

* fix ut

* remove unused funcs
greedy52 added a commit that referenced this pull request Jan 6, 2025
@greedy52
Fix an issue "tsh aws ssm start-session" fails when KMS encryption is…
9abeb8c 
… enabled (#50402)

* Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled

* remove httputil dump

* fix ut

* remove unused funcs
greedy52 added a commit that referenced this pull request Jan 6, 2025
@greedy52
Fix an issue "tsh aws ssm start-session" fails when KMS encryption is…
03b1a92 
… enabled (#50402)

* Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled

* remove httputil dump

* fix ut

* remove unused funcs
This was referenced Jan 6, 2025
Merged
Merged
Merged
github-merge-queue Bot pushed a commit that referenced this pull request Jan 8, 2025
@greedy52
Fix an issue "tsh aws ssm start-session" fails when KMS encryption is…
36b5923 
… enabled (#50402) (#50797)

* Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled

* remove httputil dump

* fix ut

* remove unused funcs
github-merge-queue Bot pushed a commit that referenced this pull request Jan 8, 2025
@greedy52
Fix an issue "tsh aws ssm start-session" fails when KMS encryption is…
fd41db9 
… enabled (#50402) (#50796)

* Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled

* remove httputil dump

* fix ut

* remove unused funcs
github-merge-queue Bot pushed a commit that referenced this pull request Jan 8, 2025
@greedy52
Fix an issue "tsh aws ssm start-session" fails when KMS encryption is…
e2dcafd 
… enabled (#50402) (#50798)

* Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled

* remove httputil dump

* fix ut

* remove unused funcs
carloscastrojumo pushed a commit to carloscastrojumo/teleport that referenced this pull request Feb 19, 2025
@greedy52 @carloscastrojumo
Fix an issue "tsh aws ssm start-session" fails when KMS encryption is…
3f4e49a 
… enabled (gravitational#50402)

* Fix an issue "tsh aws ssm start-session" fails when KMS encryption is enabled

* remove httputil dump

* fix ut

* remove unused funcs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ravicious ravicious ravicious approved these changes

@GavinFrazar GavinFrazar GavinFrazar approved these changes

Assignees

@greedy52 greedy52

Labels

backport/branch/v17 size/sm tsh tsh - Teleport's command line tool for logging into nodes running Teleport.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

tsh aws ssm start-session --target <instance-id> fails when KMS encryption is enabled on Session Manager

3 participants

@greedy52 @GavinFrazar @ravicious