Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
Allow AWS temporary credentials with session tokens #958
This allows passing the session token of AWS temporary credentials to boto. This helps when the AWS credentials came from assuming a role or using a MFA token.
I just hacked this up now and it works for my ec2/route53 test. If the approach seems right to you, I can add some documentation and check that the use case of #938 can work by specifying an empty access_key_id.
While this works for deployment I suspect there may be a codepath that has been missed as I get the same 401 error I got without this patch when trying to delete a ec2 keypair:
Very, thanks for making it. I really hope it lands soon.
Indeed I can, I am getting this on
Sadly I do not think this branch is quite ready for merge, last I used it various operations still failed and did not seem to be utilizing the keys. From memory things like doing a
I have since switched to using Hashicorp Vault to generate users dynamically so I get a similar kind of thing to the STS sessions but nixops does not complain... so I am not so up to date with what works with this branch and what does not for now.
Thank you for this PR.
In the past several months, some major changes have taken place in
This is all accumulating in to what I hope will be a NixOps 2.0
My hope is that by adding types and more thorough automated testing,
However, because of the major changes, it has become likely that this
If you would like to see this merge, please bring it up to date with
Thank you again for the work you've done here, I am sorry to be