Skip to content

Instantly share code, notes, and snippets.

View arcones's full-sized avatar
🏳️‍🌈

Marta Arcones arcones

🏳️‍🌈
View GitHub Profile
@arcones
arcones / gist:7bc62c94ac8f66a0714683f549aa9939
Created June 30, 2020 12:54
aws_kms_grant doesn't accept service principals in grantee_principal fiend
2020/06/30 14:52:24 [TRACE] [walkValidate] Entering eval tree: module.normalization.aws_lambda_function.normalization
2020/06/30 14:52:24 [TRACE] module.normalization: eval: *terraform.EvalSequence
2020/06/30 14:52:24 [TRACE] module.normalization: eval: *terraform.EvalGetProvider
2020/06/30 14:52:24 [TRACE] module.normalization: eval: *terraform.EvalValidateResource
2020/06/30 14:52:24 [WARN] module.normalization: eval: *terraform.EvalValidateResource, non-fatal err: "grantee_principal" doesn't look like a valid ARN ("^arn:[\\w-]+:([a-zA-Z0-9\\-])+:([a-z]{2}-(gov-)?[a-z]+-\\d{1})?:(\\d{12})?:(.*)$"): "sns.amazonaws.com"
2020/06/30 14:52:24 [ERROR] module.normalization: eval: *terraform.EvalSequence, err: "grantee_principal" doesn't look like a valid ARN ("^arn:[\\w-]+:([a-zA-Z0-9\\-])+:([a-z]{2}-(gov-)?[a-z]+-\\d{1})?:(\\d{12})?:(.*)$"): "sns.amazonaws.com"
@arcones
arcones / assume.sh
Created August 4, 2020 05:48
AWS assume role in one command by exporting the environment variables
ROLE_ARN_TO_ASSUME="arn:aws:iam::123456789012:role/myRole"
eval $(aws sts assume-role --role-arn ${ROLE_ARN_TO_ASSUME} --role-session-name test | jq -r '.Credentials | "export AWS_ACCESS_KEY_ID=\(.AccessKeyId)\nexport AWS_SECRET_ACCESS_KEY=\(.SecretAccessKey)\nexport AWS_SESSION_TOKEN=\(.SessionToken)\n"')