Skip to content

v2.5.0
Compare
Choose a tag to compare
@cloudposse-releaser cloudposse-releaser released this 28 Aug 18:02
· 6 commits to refs/heads/main since this release
v2.5.0
b453cd2
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
fix: assume IAM role before running `cloudposse/github-action-atmos-get-setting` @goruha (#58)

what

  • assume IAM role before running cloudposse/github-action-atmos-get-setting

why

As of atmos 1.86.2, when atmos.Component began actually retrieving the TF state, it broke cloudposse/github-action-atmos-affected-stacks which we resolved as part of this release of the aforementioned action. We just had the action assume the IAM role, and that was it. However in cases where this function is used, appropriate IAM credentials to also be a requirement for cloudposse/github-action-atmos-get-setting:

> Run cloudposse/github-action-atmos-get-setting@v1
template: all-atmos-sections:163:26: executing "all-atmos-sections" at <atmos.Component>: error calling Component: exit status 1

Error: error configuring S3 Backend: IAM Role (arn:aws:iam::xxxxxxxxxxxx:role/xxxx-core-gbl-root-tfstate) cannot be assumed.

There are a number of possible causes of this - the most common are:
  * The credentials used in order to assume the role are invalid
  * The credentials do not have appropriate permission to assume the role
  * The role ARN is not valid

Error: NoCredentialProviders: no valid providers in chain. Deprecated.
	For verbose messaging see aws.Config.CredentialsChainVerboseErrors

references

https://github.com/cloudposse/atmos/releases/tag/v1.86.2

Contributors

goruha
Assets 2
Loading