Credentials from a EC2 instance with instance-profile is not supported
Bug #2007966 reported by
Yoshi Kadokawa
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Canonical Juju |
Triaged
|
High
|
Unassigned | ||
Bug Description
At the moment, as far as I know the credentials for AWS provider,
using access key+secret access key is the only way.
However, there is also a way to retrieve the credentials from metadata(IMDS) when the EC2 instance is created with an instance-
I'm currently having a customer that has security policy that can not allow issuing access/security keys, but only allowing AWS API access from EC2 instance with the instance-profile configured.
As a reference, Terraform does support this method.[0]
Revision history for this message
| Thomas Miller (tlmiller) wrote | #1 |
| Changed in juju: | |
| assignee: | nobody → Thomas Miller (tlmiller) |
| milestone: | none → 3.1.2 |
| status: | New → Confirmed |
| status: | Confirmed → Triaged |
| importance: | Undecided → High |
| Changed in juju: | |
| milestone: | 3.1.2 → 3.1.3 |
| Changed in juju: | |
| milestone: | 3.1.3 → 3.1.4 |
| Changed in juju: | |
| milestone: | 3.1.4 → 3.1.5 |
| Changed in juju: | |
| milestone: | 3.1.5 → 3.1.6 |
| Changed in juju: | |
| milestone: | 3.1.6 → 3.1.7 |
| Changed in juju: | |
| milestone: | 3.1.7 → 3.1.8 |
| Changed in juju: | |
| milestone: | 3.1.8 → 3.5-beta1 |
| assignee: | Thomas Miller (tlmiller) → nobody |
| Changed in juju: | |
| milestone: | 3.5-beta1 → 3.5-beta2 |
| Changed in juju: | |
| milestone: | 3.5-beta2 → 3.5.1 |
To post a comment you must log in.
FYI we already support instance profiles on the controller https:/
We will look at adding support for instance profiles to the Juju client to work from jump hosts.