You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
we are trying to access s3 resource without the need to explicitly specify access_key_id and secret_access_key in the s3 resource definition (we commit pipeline definitions to our Azure DevOps git and do not want to expose any credentials).
Concourse runs on EC2 server which has access through s3 by assuming its instance role/instance profile.
Currently we get "access denied" even though the role attached to EC2 has access to s3. This means that Concourse itself is unable to implicitly assume a role.
thanks for your help!
The text was updated successfully, but these errors were encountered:
The Concourse team has a thing about not using anything related to the environment/state of a worker. I'm not sure it makes sense to force that upon this resource though. I may make a PR to allow the use of using the instance role to assume another role. it's a bit of a middle-ground between these two opinions.
Hi,
we are trying to access s3 resource without the need to explicitly specify access_key_id and secret_access_key in the s3 resource definition (we commit pipeline definitions to our Azure DevOps git and do not want to expose any credentials).
Concourse runs on EC2 server which has access through s3 by assuming its instance role/instance profile.
Currently we get "access denied" even though the role attached to EC2 has access to s3. This means that Concourse itself is unable to implicitly assume a role.
thanks for your help!
The text was updated successfully, but these errors were encountered: