Access to hosts AWS IAM instance profile

[trevorlauder]

Is there a way for the VM to access the hosts AWS IAM instance profile?

[edigaryev]

You mean the http://169.254.169.254/ URL?

Does it work when accessing it from the host?

[trevorlauder]

Yeah, that URL works on the host and aws sts get-caller-identity returns the correct role. Is there a way for the VM's to access that on the host?

[fkorotkov]

I think with bridged networking support introduced in #75 you can make the VM to use the same networking interface and access the standard AWS metadata server. Please let us know how it will go.

[trevorlauder]

Running the VM in bridged mode results in the VM never receiving an IP. I wouldn't think bridge mode would work in EC2?

tart run --net-bridged=en0 my-vm
tart ip my-vm 

no IP address found

List also showed en3 but using that causes an error.

virtual machine's network attachment <VZNetworkDevice: 0x600002b19fb0> has been disconnected with error: Error Domain=VZErrorDomain Code=1 "Internal Network Error." UserInfo={NSLocalizedFailure=Internal Virtualization error., NSLocalizedFailureReason=Internal Network Error.}

[fkorotkov]

You need to use tart ip --resolver=arp my-vm if you use bridged networking. GitLab Tart Executor will do it for you:

https://github.com/cirruslabs/gitlab-tart-executor/blob/4d29d8df04173f6bd3433a1e83ae936a4d3e1da2/internal/tart/vm.go#L239-L242

[trevorlauder]

@fkorotkov Running tart ip --resolver=arp my-vm still gives the same error. Using GitLab Tart Executor also gives the same error when setting TART_EXECUTOR_BRIDGED: en0 in the job.

en0 isn't active, there is no IP on that interface. en3 is the one with an IP from the VPC but using it throws the other error mentioned above:

virtual machine's network attachment <VZNetworkDevice: 0x600002b19fb0> has been disconnected with error: Error Domain=VZErrorDomain Code=1 "Internal Network Error." UserInfo={NSLocalizedFailure=Internal Virtualization error., NSLocalizedFailureReason=Internal Network Error.}