Allow identity blocks in sidecar_task blocks #24660
Labels
Comments
|
Hi @seanamos! This seems like a reasonable idea. I'll mark it for roadmapping, but I'm not sure when we'd get to this. You may want to look into deploying the gateway job as a standalone task, similar to what we've demonstrated in https://github.com/hashicorp-guides/consul-api-gateway-on-nomad |
github-project-automation
bot
moved this to Needs Triage
in Nomad - Community Issues Triage
tgross
moved this from Needs Triage
to Needs Roadmapping
in Nomad - Community Issues Triage
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Proposal
Allow the use of
identityblocks insidecar_taskblocks.This is similar in nature to #17987 .
Use-cases
Allow the injection of AWS identities into terminating gateways that invoke lambdas.
Attempted Solutions
It is possible the suggestion at #17987 (comment) would also work for this, that is to construct the job json in it's entirety manually and submit it. I have not tested this yet.
An easier to implement workaround is to add permissions to the EC2 IAM role/policy, but this is undesirable.
If #17987 were implemented and one has a Vault AWS secret backend, that could also work as an alternative solution.
The text was updated successfully, but these errors were encountered: