shevchenkos / DynamoDbBackUp


IAM role switching not supported #45

Open nathaniel-holder opened 6 years ago

nathaniel-holder commented 6 years ago

I have 3 AWS accounts (for dev, staging, live) and use a single master IAM user to access all 3 accounts (see here). This doesn't seem to be supported?

thoean commented 6 years ago

Can you run this script 3 times with 3 different AWS Access Keys, one for each environment?

nathaniel-holder commented 6 years ago

Yes, that's the workaround that I used.

thoean commented 6 years ago

I don't understand why this is a workaround. You have 3 completely different accounts, so the user management is different.

The link you reference is for assuming roles on the AWS Console. For API, it might be this. Is this something your startup code could do and just set the respective AWS access/secret keys? That way, you can keep the switch role feature, and this library does not need to include this dependency.

Am I missing something?

nathaniel-holder commented 6 years ago

When a restore is necessary, I run restore using the gulp examples in the Readme, not from my code, because it's run ad-hoc. So, having this module be able to assume roles, like the AWS CLI does, would be helpful. And/or, be able to take --region and --profile parameters like the CLI. For an example of a module that does this, see dynamodump.

Just to be clear, my scenario is that I have 3 different accounts (dev, staging, live), but then a 4th master account that contains the IAM users that then have access rights (using Assume Role) to each of these 3 accounts. I use one master IAM user to access dev, staging, and live accounts, using AWS CLI and AWS Console. That way, I never have to log out or in separately - I just change roles.
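The approach discussed in this thread (resolve a CLI-style role profile, assume the role, then hand temporary keys to the tool) can be sketched as a small wrapper. This is an added example, not part of the thread or of DynamoDbBackUp; the sample config, the profile and role names, the `dynamodb-backup` session name and the injected `assumeRole` function are all assumptions, and the STS call is injected so the block runs offline.

```javascript
// Constructed sample of ~/.aws/config; the account ID and role name are placeholders.
const SAMPLE_CONFIG = `
[profile master]
region = us-east-1

[profile dev]
role_arn = arn:aws:iam::111111111111:role/ExampleBackupRole
source_profile = master
region = eu-west-1
`;

// Parse the INI-style config into { profileName: { key: value } }.
function parseAwsConfig(text) {
  const profiles = {};
  let current = null;
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#') || line.startsWith(';')) continue;
    const header = line.match(/^\[(?:profile\s+)?([^\]]+)\]$/);
    if (header) { current = profiles[header[1].trim()] = {}; continue; }
    const eq = line.indexOf('=');
    if (current && eq > 0) current[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return profiles;
}

// Build the STS AssumeRole request for a role profile; reject anything else.
function assumeRoleParams(profiles, name, sessionName = 'dynamodb-backup') {
  const p = profiles[name];
  if (!p) throw new Error(`unknown profile: ${name}`);
  if (!p.role_arn || !profiles[p.source_profile]) {
    throw new Error(`profile ${name} needs role_arn and a defined source_profile`);
  }
  return { RoleArn: p.role_arn, RoleSessionName: sessionName, DurationSeconds: 3600 };
}

// Map an AssumeRole response to the environment variables the AWS SDK reads.
function credentialsToEnv(response, region) {
  const c = response.Credentials;
  return { AWS_ACCESS_KEY_ID: c.AccessKeyId, AWS_SECRET_ACCESS_KEY: c.SecretAccessKey,
           AWS_SESSION_TOKEN: c.SessionToken, AWS_REGION: region };
}

// assumeRole is injected (hypothetical parameter); with aws-sdk v2 it would be
// params => new AWS.STS().assumeRole(params).promise(), run with the master user's keys.
async function envForProfile(configText, name, assumeRole) {
  const profiles = parseAwsConfig(configText);
  const params = assumeRoleParams(profiles, name);
  return credentialsToEnv(await assumeRole(params), profiles[name].region);
}
```

The credentials returned this way expire after the requested duration (one hour here), and the session token has to be passed along with the key pair for them to be accepted.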