search

EngineerBetter / concourse-up

Deprecated - used Control Tower instead
https://github.com/EngineerBetter/control-tower
Apache License 2.0
203 stars 29 forks source link

AWS_PROFILE support #16

Closed fralalonde closed 6 years ago

fralalonde commented 6 years ago

I'm trying to setup a new concourse instance but I need to switch AWS role to get full access to the target env. 

AWS_PROFILE="alternate_profile" AWS_ACCESS_KEY_ID="****" \
AWS_SECRET_ACCESS_KEY="******" \
concourse-up deploy --region us-east-1  concourse

Profile does not seem to take effect :

Forbidden: Forbidden
        status code: 403, request id: ******

Also specifying AWS_SDK_LOAD_CONFIG=1 did not help.

It would be nice if concourse-up used the default profile credentials or those from the specified AWS_PROFILE so that KEYs vars do no need to be specified.

will-gant commented 6 years ago

Thanks. We'll have a discussion internally about whether we want to add this to our backlog. It could indeed make things a little more convenient if we picked up the default profile creds.

Apologies for the very long delay in responding to you.

irbekrm commented 6 years ago

Done. concourse-up now retrieves AWS credentials with the same logic as the AWS CLI, with the caveat that temporary security credentials are not supported.