Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: update procure/aws to use AWS credentials provider chain #4

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

fix: update procure/aws to use AWS credentials provider chain #4

wants to merge 2 commits into from

Conversation

ramin
Copy link

@ramin ramin commented Feb 23, 2024

Hi

I noticed we had taken the option to specify aws_access_key_id and aws_secret_access_key in the procure/aws example. This is somewhat of an anti-pattern and incompatible with more modern security best practices to only use short lived or temporary access tokens.

I have modifed the provider to not specify this, and instead rely on the AWS credentials provider chain which will cascade through a handful of possible places the credentials might be provisioned.

This means each user/invoker can choose how to provisiion credentials, ie:

export AWS_ACCESS_KEY_ID=foo
export AWS_SECRET_ACCESS_KEY=bar
terraform init

or

AWS_PROFILE=my-profile-entry terraform init if credentials are in ~/.aws/credentials, or other areas if necessary (ie: instance temporary credentials).

Thank you

@ramin ramin mentioned this pull request Feb 23, 2024
Closed
arshan-ritual pushed a commit that referenced this pull request Jun 6, 2024
@stelios-ritual
Merge pull request #4 from ritual-net/sr/feat/gpu
0880251 
Multi-region/zone and GPU support
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@ramin