Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for IAM credentials #68

Closed
wants to merge 2 commits into from
Closed

Add support for IAM credentials #68

wants to merge 2 commits into from

Conversation

daanemanz
Copy link

As mentioned in #55.

This change will add support for using IAM temporary credentials when creating EC2 instances. Currently the credentials will have to be set in the environment, while an EC2 instance that's set up with an IAM profile can fetch its temporary credentials from the metadata server.

@drosenstark
Add support for IAM credentials
00f3231 
As mentioned in #55.

This change will add support for using IAM temporary credentials when creating EC2 instances. Currently the credentials will have to be set in the environment, while an EC2 instance that's set up with an IAM profile can fetch its temporary credentials from the metadata server.
@drosenstark
Make all the tests pass
ee1ecc5
@Igorshp
Copy link
Contributor

Igorshp commented Mar 9, 2015

👍 Was just looking into enabling this. Glad someone already fixed the problem.
inability to use roles for auth is the only thing stoping kitchen to be run on jenkins at the moment

Igorshp added a commit to Igorshp/kitchen-ec2 that referenced this pull request Mar 10, 2015
@Igorshp
Use AIM role for authentication
9200db8 
tweak for PR by daanemanz
test-kitchen#68

he has since deleted his fork, so I can't submit a PR to him.
@Igorshp Igorshp mentioned this pull request Mar 10, 2015
Merged
@tyler-ball
Copy link
Contributor

iam_creds shouldn't be a class-level local variable. It can be a memoized instance variable like

def iam_creds
  @iam_creds ||= begin
    fetch_credentials(use_iam_profile: true)
  rescue # TODO what exception does this raise on failure?
    debug("fetch_credentials failed with exception #{e.message}:#{e.backtrace.join("\n")}")
    {}
  end
end

I also don't like rescuing all possible exceptions. That could be catching a SystemExit or something and hiding good debugging information from us. Otherwise, this looks good to me.

Igorshp added a commit to Igorshp/kitchen-ec2 that referenced this pull request Mar 30, 2015
@Igorshp
Use AIM role for authentication
0142ce3 
tweak for PR by daanemanz
test-kitchen#68

he has since deleted his fork, so I can't submit a PR to him.
@tyler-ball
Copy link
Contributor

Closing this as it was merged in #104

@tyler-ball tyler-ball closed this Apr 10, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@daanemanz @Igorshp @tyler-ball @drosenstark