https://pulumi.com logo
Join Slack
Powered by
Im using aws and need to use a specific role to co...
# general
p
Im using aws and need to use a specific role to connect to and perform changes, is there anything on setting the cli to allow this?
b
Yes, you can either assume a role as part of an AWS profile, or use assume role on the provider
p
in the cli? I dont want to create one, just have pulumi use it from the cli credentials
I think i misunderstood
l
For the "assume a role as part of an AWS profile" suggestion: once you've set up an AWS profile in your ~/.aws/credentials file, you can set up another one in your ~/.aws/config file that has the 
source_profile
and 
role_arn
properties. Then tell Pulumi to use that profile by setting your AWS_PROFILE environment variable.
For the "use assume role on the provider" suggestion, you manually create an AWS provider (instead of using the default one) and provide the 
assumeRole
property. The API docs for this are here: https://www.pulumi.com/docs/reference/pkg/aws/provider/ To use this provider instead of the default one, pass it as the value of the 
provider
opt. More info here: https://www.pulumi.com/docs/intro/concepts/resources/#options and here: https://www.pulumi.com/docs/intro/concepts/resources/#provider
p
I have setup ~/.aws/credentials file, and ~/.aws/config file that has the 
source_profile
 and 
role_arn
 properties. Then set AWS_PROFILE environment variable and still has permission issues which i confirm works elsewhere
I just want to use a specific role for the whole project
r
Are those issues related to IAM?
b
@powerful-continent-32307 did you get this working? if not, I can jump on a call with you to show you some options
18 Views
Open in Slack
PreviousNext
Powered by