Closed
Bug 1452118
Opened 6 years ago
Closed 6 years ago
aws-provisioner shouldn't issue assume:worker-id:*
Categories
(Taskcluster :: Services, enhancement)
Taskcluster
Services
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1272643
People
(Reporter: jonasfj, Unassigned)
Details
See: https://github.com/taskcluster/aws-provisioner/blob/5a01a94141c38447968ec75232fd86a86cca366a/src/api-v1.js#L576 We should check that there is no implications of doing this. There could be legacy scope-patterns for APIs that people still use.
Comment 1•6 years ago
|
||
John, this is probably something we could provide for with a little forethought in the new worker-manager architcture, right?
Comment 2•6 years ago
|
||
Yes, in the worker manager, this would be supported as long as the underlying resources allow us to derive credentials which are securely tied to the worker id. It will also be supported once the current infrastructure is using iid-verify.
Comment 3•6 years ago
|
||
This is a dupe of 1272643
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → DUPLICATE
Assignee | ||
Updated•5 years ago
|
Component: AWS-Provisioner → Services
You need to log in
before you can comment on or make changes to this bug.
Description
•