From adc254013539431848ed59570a3b4a431b21a3ca Mon Sep 17 00:00:00 2001 From: Mikkel Oscar Lyderik Larsen Date: Thu, 13 Dec 2018 13:30:28 +0100 Subject: [PATCH] Update the bootstrap guide to use Process Signed-off-by: Mikkel Oscar Lyderik Larsen --- README.md | 2 +- scripts/get_credentials.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 40b50ce..201d234 100644 --- a/README.md +++ b/README.md @@ -171,7 +171,7 @@ initial credentials and create a secret. ```sh $ export ARN="arn.of.the.iam.role" -$ kubectl create secret generic aws-iam- --from-literal "credentials=$(./scripts/get_credentials.sh "$ARN")" +$ kubectl create secret generic aws-iam- --from-literal "credentials.json=$(./scripts/get_credentials.sh "$ARN")" --from-literal "credentials.process=$(printf "[default]\ncredential_process = cat /meta/aws-iam/credentials.json\n")" ``` Once the secret is created you can deploy the controller using the example diff --git a/scripts/get_credentials.sh b/scripts/get_credentials.sh index 1a2cf1f..546dc12 100755 --- a/scripts/get_credentials.sh +++ b/scripts/get_credentials.sh @@ -8,4 +8,4 @@ aws_secret_access_key="$(echo -n "$assume_role" | jq -r '.Credentials.SecretAcce aws_session_token="$(echo -n "$assume_role" | jq -r '.Credentials.SessionToken')" aws_expiration="$(echo -n "$assume_role" | jq -r '.Credentials.Expiration')" -printf "[default]\naws_access_key_id = ${aws_access_key_id}\naws_secret_access_key = $aws_secret_access_key\naws_session_token = $aws_session_token\naws_expiration = $aws_expiration\n" +printf "{\"Version\": 1, \"AccessKeyId\": \"$aws_access_key_id\", \"SecretAccessKey\":\"$aws_secret_access_key\", \"SessionToken\":\"$aws_session_token\", \"Expiration\": \"$aws_expiration\"}"