Closed jtallinger closed 4 years ago
Something like this I suppose.. :)
Using: "github.com/aws/aws-sdk-go/aws/credentials/stscreds" Add new parameter UserRoleArn
var svc *ecs.ECS
sess := session.Must(session.NewSession(&awsConfig))
// If user role ARN is set then assume role here
if len(p.UserRoleArn) > 0 {
var arnCredentials *credentials.Credentials
awsConfigArn := aws.Config{Region: aws.String(p.Region)}
arnCredentials = stscreds.NewCredentials(sess, p.UserRoleArn, func(p *stscreds.AssumeRoleProvider) {})
awsConfigArn.Credentials = arnCredentials
svc = ecs.New(sess, &awsConfigArn)
} else {
svc = ecs.New(sess)
}
Hey @jtallinger I'll take a look when I get a chance (I don't have a cluster to test against right now so I might be a little while) but if you want to try it out and PR it in I'll definitely accept it in if it works :)
I'm quite new to both Go and AWS but I've tested this against our QA and Prod environment and it seems to work fine.
Thanks for an excellent plugin!
Closing with merge of #53
version 1.1.1 should have those changes in :)
Hi,
Would it be possible to add support for assuming a different user role?
Key/Secret -> login -> assume role -> create task. Something like this in settings:
From command line: $aws sts assume-role --role-arn "${USER_ROLE_ARN}"
Reference: https://github.com/shipt/drone-ecs-deploy/blob/282d911c1035c88f76247a0ef850faff36fd7c4f/ecs-deploy#L108