configure-aws-credentials icon indicating copy to clipboard operation
configure-aws-credentials copied to clipboard

Published 20 hours ago verified publisher icon aws-actions

Override Exported Variable Names

Open dstarner opened this issue 3 years ago • 2 comments

During our run, we need to pull in multiple AWS accounts for different resources and products. By default, this only exports to the standard AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY env variables, but we would like the option to run the action multiple times and include either a prefix / suffix value for those environment variables or provide explicit override values for all of them.

      - name: Configure AWS Credentials
        uses: aws-actions/[email protected]
        with:
          aws-region: us-east-2
          role-to-assume: arn:aws:iam::1234:role/my-example-role

      - name: Configure AWS Credentials
        uses: aws-actions/[email protected]
        with:
          aws-region: us-east-2
          role-to-assume: arn:aws:iam::123456:role/my-second-role

          # The following would be the addition
          env-prefix: `SECOND`  # would result in `SECOND_AWS_ACCESS_KEY` and so on...

          # OR explicit
          access-key-env: SECOND_AWS_ACCESS_KEY
          secret-key-env: SECOND_AWS_SECRET_ACCESS_KEY

dstarner avatar Dec 01 '21 18:12 dstarner

Would you be able to accomplish this by chaining steps together and setting environment variables yourself? Something like:

steps:
  - name: Get AWS credentials
    uses: aws-actions/[email protected]
    with:
      aws-region: us-east-2
      role-to-assume: arn:aws:iam::1234:role/my-example-role
  - name: Rename env variables
    run: |
      echo "${{ env.AWS_ACCESS_KEY_ID }}=SECOND_AWS_ACCESS_KEY" >> $GITHUB_ENV
      echo "${{ env.AWS_SECRET_ACCESS_KEY }}=SECOND_AWS_SECRET_ACCESS_KEY" >> $GITHUB_ENV
      echo "${{ env.AWS_SESSION_TOKEN }}=SECOND_AWS_SESSION_TOKEN" >> $GITHUB_ENV
  - name: Get AWS credentials
    uses: aws-actions/[email protected]
    with:
      aws-region: us-east-2
      role-to-assume: arn:aws:iam::123456:role/my-second-role

And so on

kellertk avatar Jan 02 '22 06:01 kellertk

This could be a feature we implement, however since there's a workaround you can do as described in the above comment, I wouldn't want to implement this unless it's something enough people want. I'll leave the issue open to collect more feedback 🙂

peterwoodworth avatar Oct 11 '22 22:10 peterwoodworth

Upvoting, this would be nice to be able to configure this thing :pray:

filipgolonka avatar Nov 04 '22 12:11 filipgolonka

We've decided we won't be supporting this. However, we will look into other ways to better support multiple profiles in the future. Stay tuned for that 🙂

peterwoodworth avatar Mar 22 '23 21:03 peterwoodworth

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.

github-actions[bot] avatar Mar 22 '23 21:03 github-actions[bot]