https://pulumi.com logo
Powered by
p

powerful-continent-32307

08/12/2021, 1:00 AM
Im using aws and need to use a specific role to connect to and perform changes, is there anything on setting the cli to allow this?
b

billowy-army-68599

08/12/2021, 1:18 AM
Yes, you can either assume a role as part of an AWS profile, or use assume role on the provider
p

powerful-continent-32307

08/12/2021, 1:25 AM
in the cli? I dont want to create one, just have pulumi use it from the cli credentials
I think i misunderstood
l

little-cartoon-10569

08/12/2021, 2:15 AM
For the "assume a role as part of an AWS profile" suggestion: once you've set up an AWS profile in your ~/.aws/credentials file, you can set up another one in your ~/.aws/config file that has the 
source_profile
and 
role_arn
properties. Then tell Pulumi to use that profile by setting your AWS_PROFILE environment variable.
For the "use assume role on the provider" suggestion, you manually create an AWS provider (instead of using the default one) and provide the 
assumeRole
property. The API docs for this are here: https://www.pulumi.com/docs/reference/pkg/aws/provider/ To use this provider instead of the default one, pass it as the value of the 
provider
opt. More info here: https://www.pulumi.com/docs/intro/concepts/resources/#options and here: https://www.pulumi.com/docs/intro/concepts/resources/#provider
p

powerful-continent-32307

08/12/2021, 3:59 AM
I have setup ~/.aws/credentials file, and ~/.aws/config file that has the 
source_profile
 and 
role_arn
 properties. Then set AWS_PROFILE environment variable and still has permission issues which i confirm works elsewhere
I just want to use a specific role for the whole project
r

rough-farmer-61054

08/12/2021, 10:57 AM
Are those issues related to IAM?
b

billowy-army-68599

08/12/2021, 3:02 PM
@powerful-continent-32307 did you get this working? if not, I can jump on a call with you to show you some options
3 Views
Powered by