search

circleci / circleci-docs

Documentation for CircleCI.
https://circleci.com/docs/
Other
780 stars 1.3k forks source link

OICD AWS Provider - Old AWS orb version not consistent with > 4.0 version causing issues with AWS Credentials configuration #8530

Open nastymajestic opened 7 months ago

nastymajestic commented 7 months ago

Locations

https://circleci.com/docs/openid-connect-tokens/#authenticate-jobs-with-cloud-providers

Details

Old version of AWS orb "circleci/aws-cli@3.1.5" current is 4.1.2 yet reference to >4.0 causing issues with configuration.

Docu of version 4.1.2 is also not updated and it's showing examples on 4.0 orbs version

AWS Cloud provider setup of OICD Roles

version: 2.1

orbs:
  aws-cli: circleci/aws-cli@3.1.5
jobs:
  aws-example:
    environment:
      AWS_REGION: us-west-1
    docker:
      - image: cimg/aws:2023.06
    steps:
      - checkout
      # run the aws-cli/setup command from the orb
      - aws-cli/setup:
          role-arn: "arn:aws:iam::123456789012:role/OIDC-ROLE"
          aws-region: ${AWS_REGION}
          # optional parameters
          profile-name: "OIDC-PROFILE"
          role-session-name: "example-session"
          session-duration: "1800"

Changes in parameters version >4.0 - dashes changed to underlines:

version: '2.1'
orbs:
  aws-cli: circleci/aws-cli@4.0
jobs:
  aws-cli-example:
    executor: aws-cli/default
    steps:
      - checkout
      - aws-cli/setup:
          profile_name: WEB IDENTITY PROFILE
          role_arn: arn:aws:iam::123456789012:role/WEB-IDENTITY-ROLE
          role_session_name: example-session
      - run: echo "Run your code here"
workflows:
  aws-cli:
    jobs:
      - aws-cli-example:
          context: aws

Extra evidence like build output or other links https://circleci.com/developer/orbs/orb/circleci/aws-cli?version=4.1.2 https://circleci.com/docs/openid-connect-tokens/#aws

rosieyohannan commented 7 months ago

Thanks so much for flagging this up @nastymajestic! We will get this fixed.