uohzxela
commented
8 years ago You can have a try at this feature. Currently I'm not doing any devops work so it's hard for me to spin up an AWS instance for testing.
Open sekka1 opened 8 years ago
uohzxela
commented
8 years ago You can have a try at this feature. Currently I'm not doing any devops work so it's hard for me to spin up an AWS instance for testing.
AWS Supports creating IAM Instance profiles for your nodes. This allows you to give AWS credentials to your nodes without having to pass in the aws key/secret in. The node can just go and query a known aws internal endpoint and get the credentials assigned to it. These creds also automatically rotate.
There are 2 things missing for this to work:
AWS info: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#instance-metadata-security-credentials
http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html
It would be nice to support this. The AWS Boto libs support this by default. Maybe the golang AWS libs supports this also?