External-dns: Where to provide AWS KEY ID and ACCESS KEY?

Created on 13 Sep 2020  路  9Comments  路  Source: kubernetes-sigs/external-dns

It's unclear where to provide the AWS key ID and access key after creating it for external-dns. The documentation only shows you how to specify the IAM role name and account number within the external-dns deployment, but doesn't show where to specify the credentials.

Here is the documentation I'm following to setup Route 53 access for external dns.
https://github.com/kubernetes-sigs/external-dns/blob/master/docs/tutorials/aws.md

kindocumentation
Source
picture dondreytaylor
👍1

Most helpful comment

This should be documented somewhere for end users.

/reopen
/remove-triage support
/help

picture seanmalloy on 16 Sep 2020
👍2

All 9 comments

I am not 100% sure about AWS_ACCESS_KEY_ID, and AWS_SECRET_ACCESS_KEY but I know that AWS_SHARED_CREDENTIALS_FILE works where you can feed it the path to a creds file in normal ini format:

[default]
aws_access_key_id = XXXXX
aws_secret_access_key =XXXXX

I suspect you could also feed it and AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY as ENV variables and it would work. This is not well documented and _I THINK_ is based upon those ENVs being used by the upstream AWS library they are using.

I found the AWS_SHARED_CREDENTIALS_FILE by snooping bitnami's helm file.

Hope this helps.

mleklund picture mleklund on 14 Sep 2020
👍1

/triage support

seanmalloy picture seanmalloy on 14 Sep 2020

/kind documentation

seanmalloy picture seanmalloy on 14 Sep 2020

Thanks @mleklund, appreciate the help! Just tried setting _AWS_ACCESS_KEY_ID_ and _AWS_SECRET_ACCESS_KEY_ as ENV variables on the ec2 worker node that external-dns was deployed to and it worked perfectly. Supplying the variables within a file referenced by the environment variable AWS_SHARED_CREDENTIALS_FILE also worked.

dondreytaylor picture dondreytaylor on 15 Sep 2020
🎉2

Probably would be worthwhile to add documentation for this. I may add a pull request if time permits.

mleklund picture mleklund on 15 Sep 2020
👍1

This should be documented somewhere for end users.

/reopen
/remove-triage support
/help

seanmalloy picture seanmalloy on 16 Sep 2020
👍2

@seanmalloy: Reopened this issue.

In response to this:

This should be documented somewhere for end users.

/reopen
/remove-triage support
/help

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

k8s-ci-robot picture k8s-ci-robot on 16 Sep 2020

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 15 Dec 2020

My understanding is that we still need someone to update the documentation.

/remove-lifecycle stale

seanmalloy picture seanmalloy on 17 Dec 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

linki picture linki  路  4Comments
njuettner picture njuettner  路  4Comments
ysoldak picture ysoldak  路  3Comments
wndhydrnt picture wndhydrnt  路  3Comments
lemaral picture lemaral  路  4Comments