Open hgibsonqb opened 2 years ago
I did some investigation and it's probably because the aws-go-sdk version used by confd is very old. In the go package lock https://github.com/kelseyhightower/confd/blob/master/Gopkg.lock it's pinned to version "v1.13.41"
from 2018.
The session package's environment variable config file from that version has no option for WEB_IDENTITY_TOKEN_FILE
or AWS_ROLE_ARN
https://github.com/aws/aws-sdk-go/blob/9a2fe34af9644afba4a1a1406966e78eb0e985af/aws/session/env_config.go#L19-L98
The most recent version does though https://github.com/aws/aws-sdk-go/blob/main/aws/session/env_config.go#L131-L137
Would it be possible to upgrade the aws-go-sdk version?
Hi,
I'm running confd in in a container in eks. The pod has a service account which is associated with an iam role. https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html
The AWS environment variables in the pod look like this. I've also tested without
AWS_SDK_LOAD_CONFIG
set with same results.I'm able to see valid aws configuration
I'm also able to access the ssm parameters through the aws cli
However trying to access with confd ssm parameter backend returns an error
I'm using confd version
confd-0.16.0-linux-amd64
and awscli versionaws-cli/1.22.46 Python/3.7.3 Linux/5.4.162-86.275.amzn2.x86_64 botocore/1.23.46
. The container os isx86_64 GNU/Linux
.My toml file looks like this
<my file tmpl>
looks like this