AWS OIDC: Script to configure EC2 Auto Discover with SSM #41053
Merged
+946
−16
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
marcoandredinis
added
no-changelog
marcoandredinis
force-pushed
the
marco/awsoidc-autodiscover-ssm-iam-conf
branch
2 times, most recently
from
5c85902 to
d78d7e2
Compare
marcoandredinis
force-pushed
the
marco/awsoidc-autodiscover-ssm-iam-conf
branch
3 times, most recently
from
a909ae6 to
1b18d51
Compare
|
@EdwardDowling @hugoShaka Can you please take a look? |
marcoandredinis
force-pushed
the
marco/awsoidc-autodiscover-ssm-iam-conf
branch
from
1b18d51 to
9ab8508
Compare
hugoShaka
approved these changes
May 9, 2024
There was a problem hiding this comment.
LGTM, my only optional nit would be to have a flag or something so the configure command does not fail and force-update the SSM document. The user could just delete it, but having a --force or --replace would provide a simple upgrade path if we need, and make the command idempotent.
EdwardDowling
approved these changes
May 9, 2024
I think we can add that later if we ever change the script. |
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
There's a new teleport command that adds an inline policy which enables the AWS OIDC Integration to handle EC2 Auto Discover using the script mode (SSM). It also adds the SSM Document used in the teleport installation. There's also a new endpoint which returns the one off script that uses that command.
Co-authored-by: Edward Dowling <[email protected]>
marcoandredinis
force-pushed
the
marco/awsoidc-autodiscover-ssm-iam-conf
branch
from
e9c83a5 to
1342dd7
Compare
|
@marcoandredinis See the table below for backport results.
|
marcoandredinis
added a commit
that referenced
this pull request
May 16, 2024
* AWS OIDC: Script to configure EC2 Auto Discover with SSM There's a new teleport command that adds an inline policy which enables the AWS OIDC Integration to handle EC2 Auto Discover using the script mode (SSM). It also adds the SSM Document used in the teleport installation. There's also a new endpoint which returns the one off script that uses that command. * Update lib/integrations/awsoidc/ec2_ssm_iam_config.go Co-authored-by: Edward Dowling <[email protected]> --------- Co-authored-by: Edward Dowling <[email protected]>
github-merge-queue bot
pushed a commit
that referenced
this pull request
May 16, 2024
…1393) * AWS OIDC: Script to configure EC2 Auto Discover with SSM There's a new teleport command that adds an inline policy which enables the AWS OIDC Integration to handle EC2 Auto Discover using the script mode (SSM). It also adds the SSM Document used in the teleport installation. There's also a new endpoint which returns the one off script that uses that command. * Update lib/integrations/awsoidc/ec2_ssm_iam_config.go --------- Co-authored-by: Edward Dowling <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There's a new teleport command that adds an inline policy which enables the AWS OIDC Integration to handle EC2 Auto Discover using the script mode (SSM).
It also adds the SSM Document used in the teleport installation.
There's also a new endpoint which returns the one off script that uses that command.
Demo: