search

openshift / aws-account-operator

Operator to manage pool of AWS accounts for Hive
Apache License 2.0
32 stars 75 forks source link

accountclaims: Accept ExternalID when calling AssumeRole #579

Closed vkareh closed 3 years ago

lisa commented 3 years ago

/cc @iamkirkbater /cc @rogbas

codecov-commenter commented 3 years ago

Codecov Report

Merging #579 (82fce24) into master (e01ae9d) will decrease coverage by 0.01%. The diff coverage is 0.00%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #579      +/-   ##
==========================================
- Coverage   13.46%   13.44%   -0.02%     
==========================================
  Files          44       44              
  Lines        3774     3778       +4     
==========================================
  Hits          508      508              
- Misses       3243     3247       +4     
  Partials       23       23
Impacted Files Coverage Δ
pkg/apis/aws/v1alpha1/accountclaim_types.go 8.33% <ø> (ø)
pkg/controller/account/account_controller.go 0.39% <0.00%> (ø)
pkg/controller/account/byoc.go 34.81% <0.00%> (-0.13%) :arrow_down:
pkg/controller/account/iam.go 0.00% <0.00%> (ø)
iamkirkbater commented 3 years ago

For context - This is to support the ExternalID for the AssumeRole command, which Customer X has requested as necessary for all AssumeRoles into their cluster: https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html

iamkirkbater commented 3 years ago

Try running (from the AAO root directory) ./boilerplate/_lib/container-make generate

vkareh commented 3 years ago

@iamkirkbater @jharrington22 - does this look good now?

jharrington22 commented 3 years ago

@vkareh looks good to me!

jharrington22 commented 3 years ago

@iamkirkbater @lisa this should be able to merge anytime.

iamkirkbater commented 3 years ago

/lgtm

Tested locally.

openshift-ci[bot] commented 3 years ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: iamkirkbater, vkareh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openshift/aws-account-operator/blob/master/OWNERS)~~ [iamkirkbater] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment