Hi Pulumi community,
How to login into s3 backend ...
# generalc
cool-vr-43155
01/30/2023, 8:59 AMHi Pulumi community,
How to login into s3 backend using AWS IAM role?
supplying the
pulumi config set aws:assumeRolee
echoing-dinner-19531
01/30/2023, 9:13 AMbackends don't (currently) support explicit configuration. They'll just pull credentials from the standard environment variables like AWS_PROFILE.
c
cool-vr-43155
01/30/2023, 9:15 AM@echoing-dinner-19531 Thanks for the quick response.
is there a workaround that currently people are using?
cool-vr-43155
01/30/2023, 9:16 AMBecause we can't inject aws creds into the pulumi kubernetes operator
e
echoing-dinner-19531
01/30/2023, 9:19 AMIt should be the same set of envvars that aws cli uses (https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html).
I guess you've got to inject enough credentials to allow the role assumption, but aws creds are not my expertise I'm afraid. I'd take a look at the aws docs linked above, and maybe link to this thread in #aws
c
cool-vr-43155
01/30/2023, 11:52 AMThanks @echoing-dinner-19531!,
I wrote a watcher pod which will inject aws creds into a kubneretes secret and I'm refrerring that secret in the Stack resource. When the kubernetes secret gets updated will Pulumi operator pull the latest secret?
cool-vr-43155
01/30/2023, 11:53 AMMy problem is we don't have static aws creds, we need to periodically refresh the access creds. Somehow Pulumi operator should get the latest AWS creds
e
echoing-dinner-19531
01/30/2023, 12:33 PMOh I don't know, might be worth raising an issue at https://github.com/pulumi/pulumi-kubernetes-operator/issues
c
cool-vr-43155
01/30/2023, 2:05 PMOkay, Thanks for the help!
3 Views