Support AssumeRole #170
Labels
Comments
|
No updates ? |
|
It seems that this has been implemented; however, when I use --profile, it doesn't seem to be assuming that role. We log into a primary account and sts:assumerole to access our secondary accounts. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Abstract
Authentication should be allowed through the AssumRole API
Proposal
No longer require access key and secret to be set.
One example is to have AWS Config and Credentials files setup like this:
Credentials:
[tf-state]
aws_access_key_id = xxx
aws_secret_access_key = xxx
Config:
[profile tf-state]
region = us-east-1
output = json
[profile tf-something-test]
role_arn = arn:aws:iam::123456789012:role/orgrole-terraform-cas
source_profile = tf-state
region = us-east-1
[profile tf-something-dev]
role_arn = arn:aws:iam::123456789654:role/orgrole-terraform-cas
source_profile = tf-state
region = us-east-1
Implementation
Allow setting of --aws-shared-config-file and remove the requirement for "access-key" to be set.
The text was updated successfully, but these errors were encountered: