Closed ssuprun closed 8 years ago
I suggest adding a note somewhere that you need to export either a pair of AWS_ACCESS_KEY and AWS_SECRET_KEY or AWS_PROFILE environment variable along with a ~/.aws/credentials file.
Looks good to me.
Replying to @rparkhunovsky 's comment -- does this break anything that is currently working?
Also, separately, what is this PR for? I get that you're updating the AWS SDK, but nowhere is the reason for doing so stated clearly. Can you please explain why we're updating the AWS SDK at all?
Currently, with aws-sdk-ruby 2.5.1 and cloudformation-ruby-dsl 1.2.1-1.2.2 if you need to launch stacks with the assumed-profile that is configured in your ~/.aws/credentials as below
[default]
aws_access_key_id = foo
aws_secret_access_key = bar
[assumed-profile]
role_arn = arn:aws:iam::123456789012:role/group/username
source_profile = default
region=us-east-1
you must export AWS_PROFILE=assumed-profile
environment variable and unset any AWS_ACCESS_KEY
before executing cloudformation-ruby-dsl templates to get it launched under the chosen profile.
Sergey's changes allow passing --profile assumed-profile
option to do that.
Thanks for the explanation, @rparkhunovsky . I'm fine with merging this in if it doesn't break anything.
LGTM :)
LGTM
@jonaf we've tested these changes with patched version of aws-sdk older then 2.4 (2.3.7), =2.4.1 and with the latest one (2.5.1). I can confirm that all works as expected. Thanks for review. :)
The shared_credential and shared_config functionality still under development - aws/aws-sdk-ruby@133c252 (less then 1 day ago), but usage the environment variables looks stable. So the profile definition was updated with environment variables.