Allow the use of encrypted data bags for looking up AWS credentials

mdsol / ice_cookbook

Cookbook to install and configure Ice, an AWS cost monitoring tool from Netflix OSS

Other

41 stars 22 forks source link

Allow the use of encrypted data bags for looking up AWS credentials #18

Open rayrod2030 opened 11 years ago

rayrod2030 commented 11 years ago

It would be great to have the option of using an encrypted data bag to store AWS credentials used for accessing the AWS billing and ice work buckets via S3.

dhawal55 commented 9 years ago

Even better would be to leverage IAM role for AWS API calls. I'm not sure if this is supported currently.

et304383 commented 9 years ago

This could be solved by using a wrapper cookbook that pulls your credentials out of your data bag and sets the appropriate ice attribute files.

That being said, you should be using IAM roles unless you're forced to run this on premise rather than in AWS. By simply leaving the attributes for the access credentials blank you should get this behaviour.