Allow for custom IAM Role and clean-up of the generated role

aws / amazon-ec2-spot-interrupter

The ec2-spot-interrupter is a simple CLI tool that triggers Amazon EC2 Spot Interruption Notifications and Rebalance Recommendations.

Apache License 2.0

87 stars 11 forks source link

Allow for custom IAM Role and clean-up of the generated role #18

Open bwagner5 opened 2 years ago

bwagner5 commented 2 years ago

Describe the feature

Allow for the ec2-spot-interrupter to use a user specific IAM role rather than the default generated one.
Allow for the ec2-spot-interrupter to delete the generated IAM role.

To Reproduce Steps to demonstrate the desired behavior:

## Generates an IAM role for FIS to use, but there is no way to delete the role from the CLI
## You would need to manually find the role to delete it.
$ ec2-spot-interrupter --instance-ids i-012335

$ ec2-spot-interrupter --role-arn arn:aws::myrole --instance-ids i-012345

Additional context Add any other context about the problem here.

brycahta commented 2 years ago

I'm thinking we accomplish this by extending --clean flag to remove all underlying resources/infra. This would also provide a way to persist the role. Thoughts/prayers?

bwagner5 commented 2 years ago

hmm maybe... although --clean is probably best if always set to true, which is the default. I'm not sure if there would be any problems deleting the IAM role every time? But if there's no propagation delays, then that's probably the best thing to do for simplicity.

I think a good test is to implement IAM role deletion on --clean and then try executing the tool really fast. The creation would also need to be modified a bit to put a UUID or something so that it could support multiple invocations at the same time (wouldn't want the IAM role to be deleted by one process of ec2-spot-interrupter when another one is trying to use it).