You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We're trying to keep a clear boundary between the scope of our Terraform provider, and spacectl. The latter is supposed to do things that are not a great fit for the former. Since managing the lifecycle of resources like contexts is generally handled by IaC, I'd be curious to learn what your use case is @abennett? Why would you need to create contexts from the CLI as opposed to writing a bit of Terraform?
Our AWS roles that Spacelift uses are configured without the ability to mutate IAM as an additional risk mitigation. To compensate for this, I have written an accompanying CLI that goes through the following steps:
Create AWS session credentials with greater privileges
Detach the cloud integrations
Create a new context with the session creds
Attach them to the stack
Wait for a SIGINT whilst I apply
Detach context
Delete context
Reattach cloud integrations
I suppose it is a bit niche, and I am pretty satisfied with my custom solution if we wanted to avoid exposing contexts in spacectl.
I'm interested in adding a new set of subcommands like:
context create
context update
context delete
context list
But I would like to solicit input of how the inputs should be supplied, with special consideration for sensitive
writeOnly
values.The text was updated successfully, but these errors were encountered: