Hi there. My team uses Ansible to manage resources across lots of different AWS accounts, and we are looking to move from using static access keys and secrets to credentials granted by IAM assume role. To do this, we'd need Ansible to be able to read credentials in an ~/.aws/config, as shown in the example below
~/.aws/credentials [access-normal] aws_access_key_id = XXXXXXXXXXXXXXXXXXX aws_secret_access_key = XXXXXXXXXXXXXXXXXXX aws_session_token = XXXXXXXXXXXXXXXXXXX aws_security_token = XXXXXXXXXXXXXXXXXXX ~/.aws/config [profile access-normal] output = text region = us-east-1 [profile powerUser] role_arn = arn:aws:iam::XXXXXXXXXXXXX:role/PowerUser source_profile = access-normal region = us-east-1 ref: https://github.com/ansible/ansible/blob/devel/lib/ansible/module_utils/ec2.py#L192 Do you think there is a version that use this format to access AWS resources (assuming role) for boto(2)? Thanks -- You received this message because you are subscribed to the Google Groups "Ansible Development" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-devel+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
