Add a hack to make AWS Roles usable #1548
Conversation
MikaelSmith
force-pushed
the
add-aws-roles
branch
from
88769e9
to
bdae0aa
Compare
|
Actually, I may be able to use AWS_SECURITY_TOKEN. Not very discoverable though. |
MikaelSmith
force-pushed
the
add-aws-roles
branch
from
bdae0aa
to
a5793f6
Compare
playbooks/amazon.yml
Outdated
| then get a session token by running 'aws sts get-caller-identity --profile <profile>' and finding | ||
| it in ~/.aws/cli/cache/*.json. | ||
|
|
||
| What is your AWS Session Token? Press enter for default (no token). |
There was a problem hiding this comment.
The details sound like the kind of thing that could go in the main or advanced documentation. It would let you have less text for the user to read in the dialog and more in the instructions.
Suggested rewrite of the prose:
If you don't use AWS Roles, you should leave this blank.
If you use AWS Roles, see https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-role.html , then get a session token by running 'aws sts get-caller-identity --profile ' and finding it in ~/.aws/cli/cache/*.json.
If you use AWS Roles, what is your AWS Token? Press enter for none.
There was a problem hiding this comment.
I'm not sure where that documentation should go.
nopdotcom
added
area/ansible
kind/feature
provider/amazon
status/revisions-needed
Enable using a manually-generated session token for AWS Roles. A better solution would be to use https://docs.ansible.com/ansible/latest/modules/sts_assume_role_module.html, but I'm not sure how to add the conditional logic required to add that to the Streisand setup workflow.
MikaelSmith
force-pushed
the
add-aws-roles
branch
from
85865c8
to
0558e50
Compare
Enable using a manually-generated session token for AWS Roles.
A better solution would be to use https://docs.ansible.com/ansible/latest/modules/sts_assume_role_module.html, but I'm not sure how to add the conditional logic required to add that to the Streisand setup workflow.