Comments (4)
Yeah, I'll keep this issue open for discussion since I think your use case is something that others might run into later. I'll post an update later on 👍 .
from bottlerocket.
@johanvandeweerd Thanks for raising the issue. We will look in to this and come back to you.
from bottlerocket.
Hi @johanvandeweerd, sorry for the late response.
This seems to work but does that mean everything that needs AWS services are using the
ecr
profile?
Currently, the only place in Bottlerocket where settings.aws.profile
is used is on the configuration for the ECR credentials provider. So any changes you make to this configuration will only affect this component, which is good for your use case 🎉 . However, since this API lives under aws
in the API, we might try to use it in the future to set the profile for other services. For the time being, that's not the case so you should be safe, and you can configure the ECR credentials provider as you described above. I'll bring this to the team to discuss how we could better support use cases like yours.
from bottlerocket.
Thanks for the response @arnaldo2792.
Will you keep this issue open to track the outcome of any team discussions?
My biggest concern is to depend on this feature and it breaking down the road when other services also start to use that AWS profile because we have a very specific and limited role that we want to use for the credentials provider.
from bottlerocket.
Related Issues (20)
- Missing cAdvisor metrics HOT 2
- Setting to control bottlerocket host cgroup cpu allocation HOT 2
- v1.19.0 update eni-max-pods mapping file
- v1.19.0 Host container updates HOT 1
- v1.19.0 Go dependency updates
- Sandbox container image being GC'd in 1.29 HOT 8
- Specify autoloaded kernel module options via settings. HOT 4
- Update ECS agent to v1.81.0 and Docker to v25
- update to glibc 2.39
- v1.19.1 💘 Tracking Issue HOT 2
- Issue with Bottlerocket image HOT 1
- Missing runtime metrics from cAdvisor HOT 3
- Failed to start ContainerManager err="invalid kernel flag: vm/overcommit_memory, expected value: 1, actual value: 0" HOT 2
- OOTB: Remove conditional compilation from updog
- OOTB: Remove conditional compilation from logdog HOT 1
- Support for system-reserved pid setting HOT 2
- "privileged: true" in pod spec clobbers SELinux options HOT 1
- No metal-k8s-1.29 variant for Bottlerocket
- v1.19.2 💘 Tracking Issue HOT 9
- Use a bottle rocket AMI in an AWS EC2 Image Pipeline HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bottlerocket.