duergner
commented
7 years ago Shouldn't that work out of the box? As it's based on boto and boto should support IAM Roles (http://boto3.readthedocs.io/en/latest/guide/configuration.html#iam-role)?
Closed T1ckL35 closed 7 years ago
duergner
commented
7 years ago Shouldn't that work out of the box? As it's based on boto and boto should support IAM Roles (http://boto3.readthedocs.io/en/latest/guide/configuration.html#iam-role)?
RyPeck
commented
7 years ago @T1ckL35 what's the error you are seeing? Are you confident that your IAM settings are set up correctly?
T1ckL35
commented
7 years ago Hi,
Thanks for getting back to me. It happens that at the time I didn't quite understand that IAM Roles work at a higher level and how Boto handles them. I was expecting to have to somehow inject the temporary security credentials into the configuration along with the security token. As you have rightly linked to, it handles the lack of access keys/tokens and falls back to trying the IAM Role way.
Apologies for getting the wrong end of the stick here Simon
I have successfully hooked dynamic-dynamodb into supervisord and an auto scaling group using an IAM user but quickly had a look at using an IAM Role with my instances being controlled by the ASG. It turns out that IAM Role credentials have an extra security token passed with the temporary credentials and this is not supported in the current dynamic-dynamodb code. Are there any plans down the road to support this type of authentication?