search

phillbaker / terraform-provider-elasticsearch

An elasticsearch provider for terraform
https://registry.terraform.io/providers/phillbaker/elasticsearch
Mozilla Public License 2.0
306 stars 134 forks source link

assume_role_arn needs to be refactored #330

Open leolorenzoluis opened 1 year ago

leolorenzoluis commented 1 year ago

When multiple resources are created with assume_role_arn provided,then we hit the rate limit under provider.go

func assumeRoleCredentials(region, roleARN, profile string) *awscredentials.Credentials {
    sessOpts := awsSessionOptions(region)
    sessOpts.Profile = profile

    sess := awssession.Must(awssession.NewSessionWithOptions(sessOpts))
    stsClient := awssts.New(sess)
    assumeRoleProvider := &awsstscreds.AssumeRoleProvider{
        Client:  stsClient,
        RoleARN: roleARN,
    }

    return awscredentials.NewChainCredentials([]awscredentials.Provider{assumeRoleProvider})
}
phillbaker commented 1 year ago

@leolorenzoluis can you please include debug logs showing this? Can you clarify what rate limit you're hitting?

leolorenzoluis commented 1 year ago

The debug logs will only show 400 http request that makes it look like it's coming from ElasticSearch but it's coming from STS.