-
Notifications
You must be signed in to change notification settings - Fork 9.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
provider/aws: Adds arn
as an output for aws_elb
#5411
Conversation
iamconn := meta.(*AWSClient).iamconn | ||
region := meta.(*AWSClient).region | ||
// An zero value GetUserInput{} defers to the currently logged in user | ||
resp, err := iamconn.GetUser(&iam.GetUserInput{}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We have historically had issues with this API call - it returns an error when authenticating via an EC2 Instance Profile (since there is no "current user" in that case). My suspicion is that this could break aws_elb
for users authenticating in that way.
I see we have quite a few uses in the provider with this pattern:
builtin/providers/aws/resource_aws_db_instance.go: resp, err := iamconn.GetUser(&iam.GetUserInput{})
builtin/providers/aws/resource_aws_db_parameter_group.go: resp, err := iamconn.GetUser(&iam.GetUserInput{})
builtin/providers/aws/resource_aws_db_security_group.go: resp, err := iamconn.GetUser(&iam.GetUserInput{})
builtin/providers/aws/resource_aws_db_subnet_group.go: resp, err := iamconn.GetUser(&iam.GetUserInput{})
builtin/providers/aws/resource_aws_elasticache_cluster.go: resp, err := iamconn.GetUser(&iam.GetUserInput{})
For ARN building I think we need is a shared helper that calls GetUser
but can also be overridden by an explicit AWS_ACCOUNT_ID
env var - and we include that info in the error to let proper ARNs be built for users authenticating w/ instance profiles.
Agreed with @phinze , just adding a few notes:
|
Closing this off - the original requestor hasn't asked back about it |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
As requested in #5406
Simple addition of ARN for the ELB resource