Add support for Assume Role with Web Identity and honour skip_metadata_api_check = false #24441

Merged
merged 5 commits into from
Apr 28, 2022

@gdavison gdavison commented Apr 28, 2022

Adds support for Assume Role with Web Identity.

Allows the provider config skip_metadata_api_check to override the AWS_EC2_METADATA_DISABLED environment variable.

Closes #24370.
Closes #22907.
Relates hashicorp/aws-sdk-go-base#178.
Relates hashicorp/aws-sdk-go-base#240.

Output from acceptance testing:

N/A
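
The override described in this pull request, as an added example that is not code from the provider or from aws-sdk-go-base: a plain boolean cannot tell an unset skip_metadata_api_check from an explicit false, so honouring false needs a tri-state. The names EnableState and resolveIMDS are hypothetical, and treating only a case-insensitive "true" in AWS_EC2_METADATA_DISABLED as disabling is an assumption.

```go
package main

import (
	"fmt"
	"strings"
)

// EnableState is a tri-state (hypothetical type for this example).
type EnableState int

const (
	StateDefault  EnableState = iota // nothing decided; SDK default applies
	StateDisabled                    // never query the metadata service
	StateEnabled                     // query it even if the env var says not to
)

// resolveIMDS (hypothetical) takes the provider setting as a pointer so that
// "not configured" (nil) is distinct from an explicit false, plus the value
// of AWS_EC2_METADATA_DISABLED.
func resolveIMDS(skip *bool, env string) EnableState {
	if skip != nil { // explicit provider config overrides the environment
		if *skip {
			return StateDisabled
		}
		return StateEnabled
	}
	// Assumption: only a case-insensitive "true" disables the lookup.
	if strings.EqualFold(env, "true") {
		return StateDisabled
	}
	return StateDefault
}

func (s EnableState) String() string {
	return [...]string{"default", "disabled", "enabled"}[s]
}

func main() {
	yes, no := true, false
	fmt.Println(resolveIMDS(&no, "true"))  // config false beats env true
	fmt.Println(resolveIMDS(nil, "true"))  // unset config: env decides
	fmt.Println(resolveIMDS(&yes, ""))     // config true, env unset
	fmt.Println(resolveIMDS(nil, "false")) // nothing forces either way
}
```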

@ewbankkit ewbankkit left a comment

LGTM 🚀.

% go test -v ./internal/provider 
=== RUN   TestExpandEndpoints
--- PASS: TestExpandEndpoints (0.00s)
=== RUN   TestEndpointMultipleKeys
--- PASS: TestEndpointMultipleKeys (0.00s)
=== RUN   TestEndpointEnvVarPrecedence
2022/04/28 08:00:57 [WARN] The environment variable "AWS_STS_ENDPOINT" is deprecated. Use "TF_AWS_STS_ENDPOINT" instead.
--- PASS: TestEndpointEnvVarPrecedence (0.00s)
=== RUN   TestValidAssumeRoleDuration
--- PASS: TestValidAssumeRoleDuration (0.00s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/provider	0.872s

@ewbankkit

A similar change should be made in https://github.com/hashicorp/terraform-provider-awscc which currently fails to build with aws-sdk-go-base v2.0.0-beta.16:

Error: internal/provider/provider.go:381:3: unknown field 'SkipEC2MetadataApiCheck' in struct literal of type "github.com/hashicorp/aws-sdk-go-base/v2/internal/config".Config

@gdavison gdavison merged commit 61e4559 into main Apr 28, 2022
@gdavison gdavison deleted the assume-web-identity branch April 28, 2022 17:27
@github-actions github-actions bot added this to the v4.12.0 milestone Apr 28, 2022
github-actions bot pushed a commit that referenced this pull request Apr 28, 2022
@github-actions

This functionality has been released in v4.12.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 29, 2022