This message was deleted.
# generals
sparse-intern-71089
03/25/2021, 6:50 PMThis message was deleted.
b
bored-oyster-3147
03/25/2021, 6:59 PMI think stack references might require that the stacks on both sides have the same passphrase
bored-oyster-3147
03/25/2021, 6:59 PMas long as your IAM user can GetObject in the bucket you should be good on that front I think
c
colossal-australia-65039
03/25/2021, 7:11 PMi'm concerned with a service user having permissions to read the entire state of another stack when all it needs is a couple non-secret outputs from it
b
bored-oyster-3147
03/25/2021, 8:45 PMUnfortunately I don't think you can do partial stack references, but there might be a feature request for it though. Or you could make one
w
worried-knife-31967
03/25/2021, 8:56 PMcorrect, this is a limitation... and if you think about it, it makes sense... in order for the stack reference to be able to decode the secrets from the other stack, it will need to know the passphrase of the source stack, as well as it's own. so, in essence, there would need to be a way to pass the source stack's passphrase to the StackReference
b
bored-oyster-3147
03/25/2021, 9:05 PMcould be an input on the stack reference "resource" that way you could pass it in and they could be different. And a
PublicStackReference➕ 1
w
worried-knife-31967
03/25/2021, 9:19 PMsure, but right now, as you can't, that's the reason it won't be able to do it.
b
bored-oyster-3147
03/25/2021, 9:20 PMyes, we're aware. I was talking about a feature request.
☝️ 2
6 Views