adrianriobo
commented
1 year ago According to configure-aws-credentials on each execution a new pair of short-lived credentials are and set as ENVs for the runner
crc-cloud is based on pulumi, and pulumi inherit any standard auth mechanism offered by AWS, also as crc-cloud is being executed within the container we need to pass all the required ENVs to it:
- AWS_DEFAULT_REGION
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AWS_SESSION_TOKEN
adding them to the container execution, crc-cloud works as expected (currently failing due to invalida PULL_SECRET content)
https://github.com/platform-engineering-org/poc/pull/93
`Diagnostics: pulumi:pulumi:Stack (crc-ocp412-crcCloud-Create): error: an unhandled error occurred: 1 error occurred:
rpc error: code = Unknown desc = invocation of aws:ec2/getVpc:getVpc returned an error: unable to validate AWS credentials. Details: no valid credential sources for found.
Please see for more information about providing credentials.
Error: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, failed to get API token, cannot get API token, operation error ec2imds: getToken, http response error StatusCode: 400, request to EC2 IMDS failed`