Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add --assume-role-arn option to the top level of the CLI #530

Merged
merged 1 commit into from
Mar 24, 2023
Merged

Add --assume-role-arn option to the top level of the CLI #530

merged 1 commit into from
Mar 24, 2023

Conversation

moznion
Copy link
Contributor

@moznion moznion commented Mar 7, 2023
edited
Loading

This option receives an ARN of the role to assume and it makes the user able to do the operations across the accounts according to the given role by assuming.

e.g.

$ ecspresso --help
Usage: ecspresso <command>

Flags:
  -h, --help                      Show context-sensitive help.
      --envfile=ENVFILE,...       environment files
      --debug                     enable debug log
      --ext-str=KEY=VALUE;...     external string values for Jsonnet
      --ext-code=KEY=VALUE;...    external code values for Jsonnet
      --config="ecspresso.yml"    config file
      --assume-role-arn=""        the ARN of the role to assume
      --option=OPTION

Commands:

...

$ ecspresso status --assume-role-arn=arn:aws:iam::123456789012:role/ecsOperatableRole

The motivation for this patch is we would like to manage the sort of deployment hub system on an AWS account in order to consolidate the deployment logs due to the audit reason and that hub system has to manipulate the ECS environments which are in the various different AWS accounts.

@moznion
Add --assume-role-arn option to the top level of the CLI
cb72113 
This option receives an ARN of the role to assume and it makes the user
able to do the operations across the accounts according to the assume-role.

e.g.

```
$ ecspresso --help
Usage: ecspresso <command>

Flags:
  -h, --help                      Show context-sensitive help.
      --envfile=ENVFILE,...       environment files
      --debug                     enable debug log
      --ext-str=KEY=VALUE;...     external string values for Jsonnet
      --ext-code=KEY=VALUE;...    external code values for Jsonnet
      --config="ecspresso.yml"    config file
      --assume-role-arn=""        the ARN of the role to assume
      --option=OPTION

Commands:

...

$ ecspresso status --assume-role-arn=arn:aws:iam::123456789012:role/ecsOperatableRole
```

Signed-off-by: moznion <moznion@mail.moznion.net>
@fujiwara fujiwara changed the base branch from v2 to assume-role March 24, 2023 14:18
@fujiwara
Copy link
Contributor

Thank you! I changed this PR destination branch. I'll modify some codes and merge into v2 branch.

@fujiwara fujiwara merged commit 7200b18 into kayac:assume-role Mar 24, 2023
@fujiwara fujiwara mentioned this pull request Mar 24, 2023
Merged
@fujiwara
Copy link
Contributor

fujiwara commented Mar 24, 2023
edited
Loading

@moznion I refactored in #538 and pre released https://github.com/kayac/ecspresso/releases/tag/v2.0.5-nightly-6b91a090c1a52f23bb05aeb2e7ff7d53f8409cfd. Please try it!

@moznion moznion deleted the assume-role-opt branch March 29, 2023 21:09
@moznion
Copy link
Contributor Author

moznion commented Mar 29, 2023

@fujiwara That's very awesome, that worked well! I appreciate your works.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@moznion @fujiwara