aws-sdk-ruby icon indicating copy to clipboard operation
aws-sdk-ruby copied to clipboard

Published 20 hours ago verified publisher icon aws

Add Support for IAM Roles Anywhere CreateSession

Open rittneje opened this issue 2 years ago • 4 comments

Describe the feature

Add native support for CreateSession to the SDK.

Use Case

We would like to leverage IAM Roles Anywhere to "bootstrap" AWS credentials into our external services that are written in Ruby. We are unable to use the precanned credential_process binaries.

Proposed Solution

No response

Other Information

No response

Acknowledgements

  • [ ] I may be able to implement this feature request
  • [ ] This feature might incur a breaking change

SDK version used

3.122.0

Environment details (OS name and version, etc.)

Linux

rittneje avatar Jul 19 '22 11:07 rittneje

Thanks for opening an issue. Why are you unable to use the provided credential_process helper?

mullermp avatar Jul 19 '22 14:07 mullermp

@mullermp Without getting into the finer details, the main issue is we cannot really deploy an arbitrary executable. We can only deploy the Ruby code.

To be honest I'm not sure what the motivation was for making it a separate process instead of integrating it with the SDKs, given that you need an SDK anyway in order to do anything with the resulting credentials. Plus the credential process assumes the existence of a private key file, which means it is incompatible with things like Azure Key Vault.

rittneje avatar Jul 19 '22 17:07 rittneje

Thanks for submitting this - I think its a valuable feature request and something the SDK should likely support natively.

alextwoods avatar Jul 19 '22 17:07 alextwoods