-
Notifications
You must be signed in to change notification settings - Fork 4.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS_ROLE_ARN env variable doesnt work without setting up config file #5639
Comments
Hi @tbua, thanks for reporting. I believe that this is not currently supported, according to this documentation: https://docs.aws.amazon.com/cli/latest/topic/config-vars.html#using-aws-iam-roles
At this time I'm not sure what the restriction is, but I'll find out. I'll also mark this as a documentation issue for the user guide to make it consistent. |
The lack of this feature is causing problems for us. Our build job loads the However, the documentation explains that if both
This basically makes specifying Please add |
Hi @rittneje, Thanks for the feedback. Part of the reason to require it to be in a profile in the configuration is to better support credential chaining (using one role to get access to another account or role). Your use case is noted, so marking this as a feature request. |
Making feature that is well documented to actually work is a "feature request"? :) |
Hi @stawii , Which part of the documentation are you referring to? This specific environment variable (
It would be a feature request to extend the use of this environment variable. I marked it for documentation to clarify that in other sections. Let me know if this is unclear, thanks! |
@kdaily - yeah.. its clear now, somehow I've missed big box with "note" header... it should be named "READ THIS, DUMMY" ;) |
So, what I'm currently doing is export AWS_PROFILE=myscript-12345
aws configure set role_arn arn:aws:iam::12345:role/somerole
aws configure set source_profile default That kinda sucks, because it modifies the config file for what should just be a one-off thing (hence the |
Confirm by changing [ ] to [x] below:
Issue is about usage on:
Platform/OS/Hardware/Device
What are you running the cli on?
Windows10Pro V1903
Describe the question
AWS_ROLE_ARN is an environment variable supported by the cli as shown in this doc, but I can't seem to use it purely as an environment variable without having to set up a profile in
.aws/config
file.Desired usage:
What I have to do instead to make it work (with additional settings for ~/.aws/config):
I'm not sure if this is a bug, or that it's just not part of the feature support for AWS_ROLE_ARN. But it will be very useful to be able to set everything in the environment variable without having to touch the file directory. Similar issue has been opened in aws-sdk-go issue aws/aws-sdk-go-v2#2867
The text was updated successfully, but these errors were encountered: