NetApp / terraform-provider-netapp-cloudmanager

Terraform provider to create NetApp OCCM instances, CVO resources, volumes, snapshots, ... in Azure, AWS, GCP.
Mozilla Public License 2.0

Assume Role does not work for NetApp connector & CVO deployment #122

Open bryanheo opened 2 years ago

bryanheo commented 2 years ago

Hello

We are trying to deploy the Connector and CVO via assume role as shown below, but it returns an error 'UnauthorizedOperation'. When we deploy the connector and CVO with an IAM user, the deployment works fine. Both the IAM user and the assume role use the same policy. AWS resources are also created with the assume role, but only netapp-cloudmanager_connector_aws and netapp-cloudmanager_cvo_aws are not created.

Can NetApp resources be deployed by Assume role rather than IAM user?

provider "aws" {
  region = var.region

  assume_role {
    role_arn     = "arn:aws:iam::${var.account_id}:role/tfe-netapp-deploy"
    session_name = "tfe-netapp"
  }

}

Error: [Screenshot 2022-08-17 at 21 41 06]

Regards, Moon

lonico commented 2 years ago

Yes, this is not supported at present. This is something we are currently working on for FSxN.

bryanheo commented 2 years ago

@lonico Thank you for the confirmation. We will use an IAM user for now.

lonico commented 2 years ago

DEVOPS-5351