Comments (9)
hi @vito, this is a quite simple ticket that will benefit the people that uses IAM roles a lot.
Why not doing it if it takes a few hours and the vault secrets option looks nice but this is easier and is a quick win. thanks
from s3-resource.
@vito can you consider opening this back up? IAM roles are really useful, whilst using vault would be ideal, It is not desirable to use it in every use case.
from s3-resource.
Hi there!
We use Pivotal Tracker to provide visibility into what our team is working on. A story for this issue has been automatically created.
The current status is as follows:
- #121141611 Support EC2 IAM Role SessionToken
This comment, as well as the labels on the issue, will be automatically updated as the status in Tracker changes.
from s3-resource.
Thinking of closing this and concourse/semver-resource#16 in favor of concourse/concourse#291 - in lieu of Vault's support for IAM roles: hashicorp/vault#307
from s3-resource.
Hi @vito - I agree that using something like Vault would be a good way to standardize key management. Would this be transparent to me as an AWS IAM Role user, or an additional piece of infrastructure I'd need to manage? Thanks for the follow up.
from s3-resource.
Vault is a server you'd need to deploy, and I imagine you'd just give its EC2 instance the necessary IAM roles. Admittedly we haven't explored it enough yet for me to give you more solid answers, but we'll be starting on it in the coming week.
from s3-resource.
Sounds good - looking forward to what you find out. Thanks again.
from s3-resource.
@fquirce I understand it can be frustrating, but I'm opposed to merging in things that are going against Concourse's intended direction so long as we have the correct direction planned. There's no real reason for anyone to be blocked on us merging this in given that you can just override the s3
resource type with your own in your pipeline.
from s3-resource.
Closing per what I mentioned before - we should at least consolidate discussion in to #291, which so far has no one talking about IAM roles.
from s3-resource.
Related Issues (20)
- Gracefully handle differences in s3 API support HOT 13
- Unable to access latest version of file Hitachi S3
- Uploading file hangs when using Minio HOT 1
- Keep archive even with unpack HOT 1
- Random bucket doesn't exist errors. HOT 1
- Check fails for s3 buckets containing files with spaces in their names
- Add link to download bucket in UI
- upload to s3 bucket path without versioning and overwriting existing file HOT 1
- How can I fetch file with permanent name without version in name from not versioned S3 like minio HOT 4
- 404 on get after successful check HOT 1
- Get s3 resource does not honor region_name HOT 1
- Skip download but still get file metadata.
- What is the "key" (prefix) for versions extracted from filename by s3 resource? HOT 1
- Support assuming an IAM Role HOT 1
- Provide `s3_url` after upload
- check can takes ages and consume an inordinate amount of memory on large bucket
- Troubleshooting/Debugging options
- Code sample
- Support S3 checksum on put
- Access s3 without hardcoding IAM secret key and access key HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from s3-resource.