AWS assume the role being provided by patrickdappollonio · Pull Request #2361 · konstructio/kubefirst

patrickdappollonio · 2025-01-13T18:44:21Z

Description

This PR:

Finds any default configuration for AWS authentication, including profiles, config files, and keys in environment variables.
Accepts a new role ARN to assume.
Verifies if the provided role has the minimum permissions to create clusters.
Converts the credentials to use the custom role ARN.

Related Issue(s)

Fixes #

How to Test

Run aws configure to ensure your AWS credentials are set up correctly for provisioning.

Provision a management cluster using the following example command:

go run . aws create \
  --alerts-email 1@gmail.com \
  --domain-name kubefirst.tech \
  --dns-provider cloudflare \
  --gitops-template-branch main \
  --git-provider gitlab \
  --gitlab-group ar373 \
  --cluster-name rr53

…auth

patrickdappollonio added 5 commits January 13, 2025 12:25

Fix catalog apps generation and validation.

b33ca86

AWS credential handling: pick local configuration then assume a role.

07567f1

Fix calls to flag parsing. Adds possibly needed AWS checker.

482fbbb

Check if user can create clusters.

a028e85

Typo in comment

ad0089f

patrickdappollonio requested review from jarededwards and nathan-nicholson January 13, 2025 18:44

Avoid stutter.

ef294ac

patrickdappollonio marked this pull request as draft January 13, 2025 22:59

patrickdappollonio and others added 16 commits January 14, 2025 13:01

Add creating a new role ARN if one isn't specified.

09c1116

Merge branch 'main' into aws-auth

1fcb8f1

Merge branch 'aws-auth' of github.com:konstructio/kubefirst into aws-…

014e5c6

…auth

Fix evaluation engine.

50d87d3

Fix tests. Update code to return true if all pass.

5730a80

Add additional test for missing action.

03ce55b

Update tests to comply with the new flow.

fb62a95

Pre-checks before operating.

d0b5ac1

Pre-checks before operating.

b9011ea

Update with checks.

52b9a25

Update with checks.

6d83d83

Update with checks.

4f2b84e

fix: errpr validation

f29a6bf

check is user has permission to assume roles

caf3e02

feat: add extra permissions to create a succesfull cluster

07595e7

fix: unit test cases

4f0adf7

jokestax marked this pull request as ready for review January 27, 2025 14:23

jokestax added 4 commits January 27, 2025 20:00

fix: lint issues

699f076

fix: lint issues

88700c9

fix: increase session duration

027a84e

fix: add retries

6c2005b

fix: tests

b95180a

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

AWS assume the role being provided#2361

AWS assume the role being provided#2361
patrickdappollonio wants to merge 27 commits intomainfrom
aws-auth

patrickdappollonio commented Jan 13, 2025 •

edited by jokestax

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

patrickdappollonio commented Jan 13, 2025 • edited by jokestax Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Related Issue(s)

How to Test

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

patrickdappollonio commented Jan 13, 2025 •

edited by jokestax

Loading