Using AWS temporary security credentials with bosh?


Tom Sherrod <tom.sherrod@...>
 

Hi,

How can AWS temporary security credentials be used with bosh in place of the access_key_id and secret_access_key? Reviewing manifests and documentation, I find no mention of aws_session_token. How would bosh refresh the token? Does an IAM role on the instance make it work?
I'm just diving into the AWS identity and access area. A kickstart in the right direction, much appreciated.

(I've successfully deployed bosh/cf in an AWS regular account. I am now switching to a federated and temporary security creds environment.)


Dmitriy Kalinin
 

A change was recently merged in and is going through the CI which adds support for IAM instance profiles. This allows the CPI to retrieve credentials automatically when necessary. I'll update this thread when it's available to use (next week, I believe).

Sent from my iPhone

On Sep 19, 2015, at 4:48 AM, Tom Sherrod <tom.sherrod(a)gmail.com> wrote:

Hi,

How can AWS temporary security credentials be used with bosh in place of the access_key_id and secret_access_key? Reviewing manifests and documentation, I find no mention of aws_session_token. How would bosh refresh the token? Does an IAM role on the instance make it work?
I'm just diving into the AWS identity and access area. A kickstart in the right direction, much appreciated.

(I've successfully deployed bosh/cf in an AWS regular account. I am now switching to a federated and temporary security creds environment.)


Satya Thokachichu
 

Any update on this?


Dmitriy Kalinin
 

We had a hiccup in our CI pipeline regarding this feature. Will update as soon as we have it.

Sent from my iPhone



Tom Sherrod <tom.sherrod@...>
 

Still very interested in getting this working.
I hope the hiccups pass soon!

Tom

On Fri, Sep 25, 2015 at 1:57 AM, Dmitriy Kalinin <dkalinin(a)pivotal.io>
wrote:

We had a hiccup in our CI pipeline regarding this feature. Will update as
soon as we have it.



Dmitriy Kalinin
 

We have made IAM instance profile support available in latest
bosh-aws-cpi-release. See
https://bosh.io/docs/aws-iam-instance-profiles.html on how to use it.

On Sat, Sep 26, 2015 at 5:57 AM, Tom Sherrod <tom.sherrod(a)gmail.com> wrote:

Still very interested in getting this working.
I hope the hiccups pass soon!

Tom



Satya Thokachichu
 

Awesome. Thanks. Will try it today. I also have microbosh in my setup. Guess I still need to pass AWS credentials to deploy microbosh.


Satya Thokachichu
 

bosh deployment works like a gem with IAM instance profiles. Having trouble with microbosh deployment. Please advise.


Dmitriy Kalinin
 

You have to use bosh-init to get this feature working.

Sent from my iPhone

On Oct 1, 2015, at 1:11 PM, Satya Thokachichu <tsnraju(a)yahoo.com> wrote:

bosh deployment works like a gem with IAM instance profiles. Having trouble with microbosh deployment. Please advise.