Open clcpolevaulter opened 4 years ago
It looks like backendServiceAWS is required and is utilized to set some of the backend config.
It looks like if we store the statefile somewhere else it might work.
For the AWS Toolkit for Azure DevOps we support this use case by making the authentication optional. It would make sense to make provider optional/add a noop "Environment" option, so if the machine already has credentials, they can be used.
@N-Usha to look into this enhancement request.
@clcpolevaulter, Thanks for making this feature ask. While we acknowledge that this may be a feasible option for AWS deployments, we need to ensure optimal user experience for rest of the scenarios. We will surely consider this for future investments to enhance the extension. However we do not have any timelines to commit at this time given that we prioritize our investments by impact and severity for a broad set of customers; the impact of this problem is limited relative to other existing problems that we are currently investigating. Thanks again and please continue to give us your valuable feedback.
@AmrutaKawade @N-Usha @Roshan-Kumar-Microsoft @chshrikh On a similar note, the Terraform Extension for Azure DevOps uses the service connection: "AWS for Terraform" for authentication:
@hunterwerlla Any thoughts on ⬆️
We are trying to utilize Terraform Extension for Azure DevOps to create AWS resources. We are using self-hosted agents running as EC2 in the account we want Terraform to act in. Is there a way to get Terraform to use the EC2 Instance Metadata of the host EC2 instead of a service connection?
Note: this authentication method is similar to the one provided with AWS Toolkit for Azure DevOps