Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

clean environment every time #19

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

clean environment every time #19

wants to merge 1 commit into from

Conversation

veqryn
Copy link
Contributor

@veqryn veqryn commented Aug 11, 2017
edited
Loading

Fixes #18

This change is Reviewable

ejholmes
ejholmes suggested changes Aug 11, 2017
View reviewed changes
main.go
}
// Clear out any previously set AWS_ environment variables so
// they aren't used by this call
cleanEnv()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think cleanEnv() should actually just get removed. If we don't want aws-sdk-go to use creds from the environment, then we should just swap out the credential chain with an explicit SharedCredentialsProvider. I think it'd look something like:

config := aws.Config{Credentials: &credentials.SharedCredentialsProvider{Filename: "", Profile: ""}}
session := session.New(config)

cleanEnv() is some cruft from when this tool would shell out to the aws cli.

@veqryn
Copy link
Contributor Author

veqryn commented Aug 11, 2017

I looked through the old issues and found people had similar issues in the past.
It seems though that some people need these environment variables to connect to get the new session/assumed-role? If so, then we can't clear it any time.
Instead, we should force it to use the profile, as the correct credentials will be stored under there (or its parent profile).

@veqryn
Copy link
Contributor Author

veqryn commented Aug 11, 2017

Hm.. trying this and its not working:

	sess := session.Must(session.NewSession(&aws.Config{
		Credentials: credentials.NewSharedCredentials("", profile),
	}))

Output:

error: SharedCredsLoad: failed to get profile
caused by: section 'eo' does not exist

@jcftang
Copy link

jcftang commented Aug 29, 2018

I've been running into this issue as well where the env variables are used, it would be better if this tool used the credentials from the credentials config file and generated a config file and set the assumed credentials, it would allow for a daemonised assume-role process that can run just before the expiration of the token to be regenerated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ejholmes ejholmes ejholmes requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@veqryn @jcftang @ejholmes