IAM Roles clients are embedded within redpanda code. The current test strategy is:
use the in built c++ mock http server for unit tests
use a mock python server in ducktape tests
both approaches return responses crafted to mock IAM responses.
However to test this comprehensively we can test against calls to real IAM roles APIs by running ducktape tests on infrastructure which is on AWS/GCP and with machines having real roles assigned:
deploy on AWS EC2 vm which has IAM role assigned and call the EC2 instance metadata service for credentials
deploy on gcp vm which has IAM role assigned and call the google metadata service for credentials
deploy on EKS and GKE with pods tagged with specific IAM roles
The ducktape tests with these deployments will exercise the IAM roles code in redpanda without mocking anything.
IAM Roles clients are embedded within redpanda code. The current test strategy is:
both approaches return responses crafted to mock IAM responses.
However to test this comprehensively we can test against calls to real IAM roles APIs by running ducktape tests on infrastructure which is on AWS/GCP and with machines having real roles assigned:
The ducktape tests with these deployments will exercise the IAM roles code in redpanda without mocking anything.
JIRA Link: CORE-978