gerbdla

Reputation: 31

I need to use aws_session_token with puppetlabs-aws

At my work, when using the AWS CLI we use aws_session_token. I don't see any support for aws_session_token in puppetlabs-aws. Any ideas?

Upvotes: 1

Views: 481

Answers (1)

James Edwards

Reputation: 1

AWS_SESSION_TOKEN is usually used when you're obtaining temporary credentials from the AWS Security Token Service (STS). This is usually when you make the call to assume a role. So a lot of this depends on how you've got your command line set up:

If you are explicitly calling assume role like this:

aws sts assume-role --role-arn "arn:aws:iam::123456789012:role/RoleToAssume" --role-session-name AWSCLI-Session

You should get back a response with three variables:

AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
AWS_SESSION_TOKEN

You should just be able to export each of these as environment variables and then run puppet apply.

If you are not explicitly calling assume role and are using instance profiles, puppet should automatically find these 3 variables.

If you are calling assume role via AWS_PROFILES in your ~/.aws/config then it should just be sufficient to run puppet apply after setting the AWS_PROFILE environment variable.

You may also want to consider using the newer puppetlabs amazon_aws module, which supersedes puppetlabs/aws.

Upvotes: 0
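
The explicit assume-role path from the answer above, as an added example that is not part of the original post or of puppetlabs-aws: it exports the three variables without writing them to disk, fails closed on an incomplete response, and confines them to the puppet run. The function names and the `site.pp` manifest are hypothetical; that the module reads these variables from the environment is taken from the answer.

```shell
# Added example. Function names are hypothetical; the only CLI features
# used are `aws sts assume-role`, --query and --output text.

clear_aws_creds() {
    unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN
}

# assume_role_env ROLE_ARN SESSION_NAME
# Exports the three variables on success; on any failure returns 1 and
# leaves none of them set, so a half-populated environment is never used.
assume_role_env() {
    clear_aws_creds
    # Text output puts the three fields on one tab-separated line, so no
    # JSON parser is needed and nothing is written to disk.
    _out=$(aws sts assume-role \
        --role-arn "$1" \
        --role-session-name "$2" \
        --query 'Credentials.[AccessKeyId,SecretAccessKey,SessionToken]' \
        --output text) || { unset _out; return 1; }

    _tab=$(printf '\t')
    IFS=$_tab read -r _key _secret _token _extra <<EOF
$_out
EOF
    _rc=0
    if [ -z "$_key" ] || [ -z "$_secret" ] || [ -z "$_token" ] || [ -n "$_extra" ]; then
        _rc=1    # truncated or unexpected response: fail closed
    else
        export AWS_ACCESS_KEY_ID="$_key" AWS_SECRET_ACCESS_KEY="$_secret" AWS_SESSION_TOKEN="$_token"
    fi
    unset _out _tab _key _secret _token _extra   # keep no stray copies of the secret
    return "$_rc"
}

# puppet_apply_as_role ROLE_ARN SESSION_NAME [puppet apply arguments...]
# The ( ) body is a subshell: the temporary credentials exist only for the
# puppet run and never reach the calling shell's environment.
puppet_apply_as_role() (
    assume_role_env "$1" "$2" || exit 1
    shift 2
    puppet apply "$@"
)

# Usage: puppet_apply_as_role "arn:aws:iam::123456789012:role/RoleToAssume" AWSCLI-Session site.pp
```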
