terraform-provider-netapp-cloudmanager icon indicating copy to clipboard operation
terraform-provider-netapp-cloudmanager copied to clipboard

Published 20 hours ago verified publisher icon NetApp

Assume Role does not work for NetApp connector & CVO deployment

Open bryanheo opened this issue 3 years ago • 3 comments

Hello

We are trying to deploy Connector and CVO via assume role as shown below but it returns an error 'UnauthorizedOperation'. When we deploy the connector and CVO with IAM user, the deployment works fine. Both IAM user and Assume role use the same policy. AWS resources are also created with the assume role but only netapp-cloudmanager_connector_aws and netapp-cloudmanager_cvo_aws are not created

Can NetApp resources be deployed by Assume role rather than IAM user?

provider "aws" {
  region = var.region

  assume_role {
    role_arn     = "arn:aws:iam::${var.account_id}:role/tfe-netapp-deploy"
    session_name = "tfe-netapp"
  }

}

Error Screenshot 2022-08-17 at 21 41 06

Regards Moon

bryanheo avatar Aug 17 '22 20:08 bryanheo

Yes, this is not supported at present. This is something we are currently working on for FSxN.

lonico avatar Aug 17 '22 21:08 lonico

@lonico Thank you for the confirmation. We will use IAM user for now

bryanheo avatar Aug 18 '22 09:08 bryanheo

DEVOPS-5351

lonico avatar Aug 18 '22 19:08 lonico