Open jmpsf opened 4 years ago
Hi,
IAM Roles support has been discussed in https://github.com/Neilpang/acme.sh/issues/453 and https://github.com/Neilpang/acme.sh/pull/512
Though there is still no solution to use the awscli credentials fetched automatically from the instance metadata.
A possible solution would be to integrate what is been said in the 453 issue inside acme.sh
ROLE=`curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/` curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/$ROLE> /tmp/aws.keys export AWS_ACCESS_KEY_ID=`cat /tmp/aws.keys | jq -j '.AccessKeyId'` export AWS_SECRET_ACCESS_KEY=`cat /tmp/aws.keys | jq -j '.SecretAccessKey'` export AWS_SESSION_TOKEN=`cat /tmp/aws.keys | jq -j '.Token'`
From what I see in the code : https://github.com/acmesh-official/acme.sh/blob/c8c1c09189cac5da52424a36eb0846f4da385fa6/dnsapi/dns_aws.sh#L211-L213
It seems that it's supported
Hi,
IAM Roles support has been discussed in https://github.com/Neilpang/acme.sh/issues/453 and https://github.com/Neilpang/acme.sh/pull/512
Though there is still no solution to use the awscli credentials fetched automatically from the instance metadata.
A possible solution would be to integrate what is been said in the 453 issue inside acme.sh