How to AssumeRole in Terraform LocalExec Provisioner Block
I needed to execute a Terraform null_resource
provisioner
(local-exec) block to run an awscli
command, but assume a role passed down to it.
There was no obvious way to pass the credentials to it, or assume a role directly, so the following workaround did the trick:
AssumeRole and Pass LocalExec Provisioner Command
|
|
The above code snippet runs 2 aws cli
commands. The first is to get the credentials, which are then stored in environment variables, followed by consuming them in the actual aws cli
command at the bottom.
The role that we want to assume, has been setup in the local.workspace.role
local variable.
It is an ARN string that looks something like this:
|
|