terraform

Commit Graph

Author	SHA1	Message	Date
Radek Simko	e74449792d	aws: Refactor API mock helpers (#12769 ) This makes helpers generic enough to be useful for any AWS service	9 years ago
Joshua Carp	1f8c2e4c69	Parse AWS partition from ARN. [Resolves #5307]	10 years ago
Radek Simko	2ad84a51df	provider/aws: Fix misspelled words	10 years ago
James Nugent	e3ccb51168	provider/aws: Add assume_role block to provider This replaces the previous `role_arn` with a block which looks like this: ``` provider "aws" { // secret key, access key etc assume_role { role_arn = "<Role ARN>" session_name = "<Session Name>" external_id = "<External ID>" } } ``` We also modify the configuration structure and read the values from the block if present into those values and adjust the call to AssumeRole to include the SessionName and ExternalID based on the values set in the configuration block. Finally we clean up the tests and add in missing error checks, and clean up the error handling logic in the Auth helper functions.	10 years ago
Ian Duffy	767914bbdc	[GH-1275] Support for AWS access via IAMs AssumeRole functionality This commit enables terraform to utilise the assume role functionality of sts to execute commands with different privileges than the API keys specified. Signed-off-by: Ian Duffy <ian@ianduffy.ie>	10 years ago
James Nugent	21d1ac41fa	Merge branch 'd-update-aws-sdk'	10 years ago
Renier Morales	c2bcb5fbe5	Skip IAM/STS validation and metadata check (#7874 ) * Skip IAM/STS validation and metadata check * Skip IAM/STS identity validation - For environments or other api implementations where there are no IAM/STS endpoints available, this option lets you opt out from that provider initialization step. * Skip metdata api check - For environments in which you know ahead of time there isn't going to be a metadta api endpoint, this option lets you opt out from that check to save time. * Allow iam/sts initialization even if skipping account/cred validation (#7874) * Split out skip of IAM validation into credentials and account id (#7874)	10 years ago
James Nugent	6ddb8f5975	provider/aws: session.New -> session.NewSession() Version 1.3.1 deprecates use of `session.New()` in favour of `session.NewSession()`, which also returns an error. This commit updates the various call sites previously making use of `session.New()`.	10 years ago
Kraig Amador	a23bcf2ec9	Added accountid to AWSClient and set it early in the initialization phase. We use iam.GetUser(nil) scattered around to get the account id, but this isn't the most reliable method. GetAccountId now uses one more method (sts:GetCallerIdentity) to get the account id, this works with federated users.	10 years ago
Kraig Amador	dd77bf68da	Fixed up some confusion between AWS_TOKEN and AWS_PROFILE. Also allowing testing when AWS_PROFILE is set without AWS_SECRET_ACCESS_KEY and AWS_ACCESS_KEY_ID.	10 years ago
Colin Hebert	f1f602cdf6	aws: Enable account ID check for assumed roles + EC2 instances	10 years ago

11 Commits (551eedcf2616376b00d7da170b09f682bbfa3445)