Re: Using AWS temporary security credentials with bosh?


Dmitriy Kalinin
 

There was a change recently merged in and is going through the CI which adds support for IAM instance profiles. This allows CPI to retrieve credentials automatically when necessary. I'll update this thread when it's available to use (next week I believe).

Sent from my iPhone

On Sep 19, 2015, at 4:48 AM, Tom Sherrod <tom.sherrod(a)gmail.com> wrote:

Hi,

How can AWS temporary security credentials be used with bosh in place of the access_key_id and secret_access_key? Reviewing manifests and documentation, I find no mention of aws_session_token. How would bosh refresh the token? Does an IAM role on the instance make it work?
I'm just diving into the AWS identity and access area. A kickstart in the right direction, much appreciated.

(I've successfully deployed bosh/cf in an AWS regular account. I am now switching to a federated and temporary security creds environment.)

Join cf-bosh@lists.cloudfoundry.org to automatically receive all group messages.