Closed
Bug 1485986
Opened 6 years ago
Closed 5 years ago
EC2-Manager should allow credential generation based on Instance Identity Documents
Categories
(Taskcluster :: Services, enhancement)
Taskcluster
Services
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: jhford, Assigned: wcosta)
References
Details
Attachments
(2 files)
Once we have bug 1485984 resolved, we should add an endpoint to EC2-Manager which allows EC2 instances to get a set of credentials specific to its instance id.
Reporter | ||
Comment 1•6 years ago
|
||
Link to PR
Reporter | ||
Comment 2•6 years ago
|
||
Hi Wander. The node.js library is complete for doing the validations. Do you have time to finish up PR#54 or should I pick it up? Thanks.
Flags: needinfo?(wcosta)
Assignee | ||
Comment 3•6 years ago
|
||
(In reply to John Ford [:jhford] CET/CEST Berlin Time from comment #2) > Hi Wander. The node.js library is complete for doing the validations. Do > you have time to finish up PR#54 or should I pick it up? Thanks. I am currently porting docker-worker to GCP, not sure when I will finish, but I believe not after end of next week.
Flags: needinfo?(wcosta)
Reporter | ||
Comment 4•6 years ago
|
||
These are the public keys for us-[east]-[1,2] and eu-central-1
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → wcosta
Status: NEW → ASSIGNED
Assignee | ||
Comment 5•6 years ago
|
||
I am not able to verify new documents, it feels like something changed on Amazon side or I am doing something wrong. Could you please double check by downloading a new pair of document/rsa2048 and verify it?
Flags: needinfo?(jhford)
Reporter | ||
Comment 6•6 years ago
|
||
(In reply to Wander Lairson Costa [:wcosta] from comment #5) > I am not able to verify new documents, it feels like something changed on > Amazon side or I am doing something wrong. Could you please double check by > downloading a new pair of document/rsa2048 and verify it? I would have to boot a new instance, specially for this. Could you log into a Docker-Worker instance and download them?
Flags: needinfo?(jhford)
Assignee | ||
Comment 7•6 years ago
|
||
(In reply to John Ford [:jhford] CET/CEST Berlin Time from comment #6) > (In reply to Wander Lairson Costa [:wcosta] from comment #5) > > I am not able to verify new documents, it feels like something changed on > > Amazon side or I am doing something wrong. Could you please double check by > > downloading a new pair of document/rsa2048 and verify it? > > I would have to boot a new instance, specially for this. Could you log into > a Docker-Worker instance and download them? You can get the docs and keys here https://github.com/walac/ec2-manager/tree/secrets-endpoint/test/testdata That are the ones I am using.
Comment 8•6 years ago
|
||
Pete: I'm not sure where this fits in to the remove-provisioner-secrets puzzle, but figured you should at least be cc-ed.
Updated•6 years ago
|
Component: AWS-Provisioner → Services
Updated•5 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•