Lambda plugin support IAM instance roles #5297
Comments
|
This functionality is available in the latest minor release of Kong, versions 1.4+ See the documentation at https://docs.konghq.com/hub/kong-inc/aws-lambda/. Thanks! |
|
@p0pr0ck5 do you have a reference to the code that actually makes this functional? I see nothing in the plugin code that would suggest this has been implemented plus testing of this functionality using 1.4+ does not work. I believe the docs are outdated and actually opened a PR on the docs earlier to fix this inaccuracy. I'd be happy to be proven wrong, though! |
|
Heya, not sure which part of the codebase you looked at, but the implementation of reaching out to the AWS ec2 metadata service is implemented here: https://github.com/Kong/kong-plugin-aws-lambda/blob/master/kong/plugins/aws-lambda/iam-ec2-credentials.lua |
|
The PR you’re referring to is several years old, and in that time the plugin codebase has been broken out into a separate repo (linked above). Would love to hear specific steps youve tried that failed to get the plugin working on a machine with proper IAM credentials to run a lambda plugin. |
|
Geesh...this makes total sense. I was looking in the Kong project under the
Lambda plugin but not at the actual Lambda plugin project. Let me revisit
my testing to see what’s causing the problem there. Thanks for the help!
…On Wed, Dec 4, 2019 at 11:19 PM Robert ***@***.***> wrote:
Heya, not sure which part of the codebase you looked at, but the
implementation of reaching out to the AWS ec2 metadata service is
implemented here:
https://github.com/Kong/kong-plugin-aws-lambda/blob/master/kong/plugins/aws-lambda/iam-ec2-credentials.lua
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#5297?email_source=notifications&email_token=ABHP4NF7QIS4FAY4YYOZZQDQXCFPJA5CNFSM4JVTXLL2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEF7QULA#issuecomment-561973804>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABHP4NAYAAF5HSWWHB7R75LQXCFPJANCNFSM4JVTXLLQ>
.
|
|
@p0pr0ck5 is there something that I need to do in order to enable the newer version of the plugin? I am running kong 1.4.0 and am still seeing the schema from the old codebase enforced. I have included more detailed information and steps to reproduce here: Kong/kong-plugin-aws-lambda#17 |
|
@p0pr0ck5 I learned that kong is not yet being bundled with the plugin version that reaches out to the aws metadata service. Until kong 2.0, the deployed aws-lambda plugin is the version included in this repo at: https://github.com/Kong/kong/tree/master/kong/plugins/aws-lambda Could you point me to where to edit this documentation? https://docs.konghq.com/hub/kong-inc/aws-lambda/ More info: Kong/kong-plugin-aws-lambda#17 |
Summary
Support for IAM instance role usage in the Lambda plugin was removed in the past as is reference in here. This is a feature request to add support for this feature again which properly uses sockets for the communication with the EC2 metadata service.
The text was updated successfully, but these errors were encountered: