Open mrkovalchuk opened 1 year ago
aiodynamo
doesn't support AWS Web Identity Token File authentication.
sorry to be nit-picky, but aiodynamo
technically supports any kind of authentication you want, because it allows you to provide a custom credentials loader.
I assume you meant to say "doesn't support it out of the box" and that's fair.
As in #128 #127, my biggest concern with adding this to aiodynamo itself is "how do we test this" (both in unit tests/integration tests and manually on actual EKS). I do not use k8s so if you want to provide an implementation of this credentials loader, please make sure to avoid the issues outlined in #127 and provide clear and simple instructions on how to verify your implementation on EKS/k8s.
sorry to be nit-picky, but aiodynamo technically supports any kind of authentication you want, because it allows you to provide a custom credentials loader.
You're right =) Of course, I meant "doesn't support it out of the box", sorry about it 👍 Also, I didn't expect your answer so quickly!
I prepare some workaround that works for me. I need approval on a concept.
and provide clear and simple instructions on how to verify your implementation on EKS/k8s.
👍
aiodynamo
doesn't support AWS Web Identity Token File authenticationdoesn't support AWS Web Identity Token File authentication out of the box.It looks like a typical case. For my team, we would like to use that authentication in our services in k8s by using IAM Roles for Service Accounts(IRSA)
Related issue: https://github.com/HENNGE/aiodynamo/issues/128 Related PR: https://github.com/HENNGE/aiodynamo/pull/127
There was a similar issue, but I decided to create another one because I think we can describe our goal and issue more directly.
So, as discovered in a related PR, we should implement the
AssumeRoleWithWebIdentity
API for this authentication.