Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS assume role #611

Merged
merged 4 commits into from
Jun 3, 2024
Merged

AWS assume role #611

merged 4 commits into from
Jun 3, 2024

Conversation

teddyking
Copy link
Contributor

About

I am looking to use AWS Assume Role with bbl. I see there has been some work done in the past to add this support in (see the aws-assume-role-support branch), however it looks like that work never got merged into main.

I tried it out myself by rebasing that branch on top of main and building a local copy to see if it would work. I was able to successfully bbl up a director using the BBL_AWS_ASSUME_ROLE env var so thought I'd open this PR to get that work merged in.

cc @danielfor and @ystros who originally contributed the commits to the aws-assume-role-support branch.

danielfor and others added 3 commits June 3, 2024 14:48
@danielfor @teddyking
Add assume role support to BBL
462a81c 
Initial commit.
Includes: BBL assuming the role while terraforming and the iaas
interactions between bbl and aws.
Missing: using the ops file found in bosh-deployment:
`aws/cpi-assume-role-credentials.yml` to make the AWS CPI use the role.
Unit tests/Integration tests.
@ystros @teddyking
Pass AWS assume role ops files and variables
1cb0062 
If the AWS assume role ARN is set, the scripts to create both the BOSH
Director and jumpbox need to pass additional ops files and variables.

[#184999423] Add AssumeRole support to bbl
@ystros @teddyking
Add error when using assume role + state bucket
7e72493 
[#184999423] Add AssumeRole support to bbl
lnguyen
lnguyen approved these changes Jun 3, 2024
View reviewed changes
Copy link
Member

@lnguyen lnguyen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@linux-foundation-easycla Linux Foundation: EasyCLA
Copy link

linux-foundation-easycla bot commented Jun 3, 2024
edited
Loading

CLA Signed

The committers listed above are authorized under a signed CLA.

  • ✅ login: ystros / name: Brian Upton (1cb0062, 7e72493)
  • ✅ login: teddyking / name: Ed King (7b14773)
  • ✅ login: danielfor / name: Daniel Felipe Ochoa (462a81c)

@rkoster rkoster requested a review from ramonskie June 3, 2024 14:50
ramonskie
ramonskie approved these changes Jun 3, 2024
View reviewed changes
Copy link
Contributor

@ramonskie ramonskie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

jpalermo
jpalermo approved these changes Jun 3, 2024
View reviewed changes
Copy link
Member

@jpalermo jpalermo left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like there are some linting errors

Never mind, the linting errors are unrelated to this PR

@jpalermo jpalermo self-requested a review June 3, 2024 15:45
@jpalermo jpalermo merged commit 29b3efe into cloudfoundry:main Jun 3, 2024
2 of 4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ramonskie ramonskie ramonskie approved these changes

@lnguyen lnguyen lnguyen approved these changes

@jpalermo jpalermo Awaiting requested review from jpalermo

Assignees
No one assigned
Labels
None yet
Projects
Foundational Infrastructure Working Group
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@teddyking @jpalermo @lnguyen @ramonskie @cf-gitbot @danielfor @ystros