ops-cli icon indicating copy to clipboard operation
ops-cli copied to clipboard
verified publisher icon adobe

Migrate ec2inventory plugin to use boto3

Open costimuraru opened this issue 6 years ago • 0 comments

[Migrated]

The upgrade to Boto3 is part of an ongoing initiative of having a single instance which coordinates deployments - with support for automatic deployments in pre-production environments.

Boto3 has built-in support for the default AWS Credentials Providers stack.

We need to set the cross-account trusting policies for our accounts, being then able to specify automatic role assumption in a cross-account context via ~/.aws/config.

It might now work out of the box, as it doesn't for aws-cli (see: https://github.com/aws/aws-cli/issues/1604 and https://github.com/aws/aws-cli/issues/1390). In that case, we would need to do programatic role assumption - I was not been able to fully test this yet (permissions).

Note This change is intended to be backward-compatible with the current setup - in other words, temporary/static credentials should work as before.

costimuraru avatar Jan 31 '19 18:01 costimuraru