Support for AWS profiles
Opened this issue · 3 comments
Hi :)
It'd be super helpful if AWS profiles were supported - maybe specified on the provider? e.g.:
provider "eksctl" {
aws_profile = "nonprod"
}
Then that could be used in awsclicompat and passed to eksctl as e.g. --profile nonprod
This is pretty essential for being able to target the right AWS account and not just use whatever might be the default on the developer's machine
@billinghamj Hey! This was something I wanted to add but it takes some time for refactoring as this provider is so unique that allows you to set region
per resource, not provider.
In the meantime, I added ability to customize the profile in addition to the region, per resources, like eksctl_cluster
. Please try if you can fallback to using it :) It's included since v0.9.0
Otherwise, please keep this issue open until I finish refactoring and manage to add region
and profile
to the provider config.
Ahh very nice, thank you! Will give that a try at some point. :)
For the future, maybe it's worth considering shifting both the region + profile config to the provider level, as you can always make multiple providers - so it matches the hashicorp aws provider. e.g. on ours we do:
provider "aws" {
alias = "playground"
region = "eu-west-1"
profile = "playground"
}
provider "aws" {
alias = "nonprod"
region = "eu-west-1"
profile = "nonprod"
}
provider "aws" {
alias = "logging"
region = "eu-west-1"
profile = "logging"
}
Is there an an update on this. I have similar request but instead require that the provider assume a role in order to deploy into a specific account. Something like:
`provider eksctl {
region = var.aws_region
assume_role {
session_name = "deploy"
role_arn = "arn:aws:iam::${var.aws_account}:role/myTerraformRole"
}
}`
The above works with the AWS provider as we use it to deploy resources.