General discussion about Chef

[chef] Re: Re: Not able to use IAM role with knife ec2 command


Chronological Thread 
  • From: Varun Shankar < >
  • To:
  • Subject: [chef] Re: Re: Not able to use IAM role with knife ec2 command
  • Date: Sat, 25 Oct 2014 10:54:36 +0530
My workstation is an ec2 instance having an IAM role. I don't want to keep EC2 credentials on this instance. Knife ec2  should be able to use the IAM role attached with the instance. According to the documentation --use-iam-profile parameter does exactly that. But it i not working when I try to use the same.

On Thu, Oct 23, 2014 at 9:08 PM, Julian C. Dunn < " target="_blank"> > wrote:
$ knife ec2 server create --help|grep profile
        --iam-profile NAME           The IAM instance profile to apply
to this instance.

The help options are going to be specific for the subcommand you're
executing. "--iam-profile" makes no sense in the context of listing
servers.

- Julian

On Thu, Oct 23, 2014 at 6:01 AM, Varun Shankar < "> > wrote:
> I am using following version:
> knife-ec2-0.8.0
> Chef: 11.16.0
>
> The documentation here (https://docs.getchef.com/plugin_knife_ec2.html#id7)
> says:
> --use-iam-profile
> Use the Identity and Access Management (IAM) that is assigned to the current
> machine. Default value: false.
>
> But I don't see this option available in knife ec2 command.
>
> ~]$ knife ec2 server list --use-iam-profile
> Error: invalid option: --use-iam-profile
> USAGE: knife ec2 server list (options)
>     -A, --aws-access-key-id KEY      Your AWS Access Key ID
>         --aws-credential-file FILE   File containing AWS credentials as used
> by aws cmdline tools
>     -K SECRET,                       Your AWS API Secret Access Key
>         --aws-secret-access-key
>         --availability-zone          Show availability zones
>     -s, --server-url URL             Chef Server URL
>         --chef-zero-host HOST        Host to start chef-zero on
>         --chef-zero-port PORT        Port to start chef-zero on
>     -k, --key KEY                    API Client Key
>         --[no-]color                 Use colored output, defaults to false
> on Windows, true otherwise
>     -c, --config CONFIG              The configuration file to use
>         --defaults                   Accept default values for all questions
>     -d, --disable-editing            Do not open EDITOR, just accept the
> data as is
>     -e, --editor EDITOR              Set the editor to use for interactive
> commands
>     -E, --environment ENVIRONMENT    Set the Chef environment (except for in
> searches, where this will be flagrantly ignored)
>     -F, --format FORMAT              Which format to use for output
>     -z, --local-mode                 Point knife commands at local
> repository instead of server
>     -n, --no-name                    Do not display name tag in output
>     -u, --user USER                  API Client Username
>         --print-after                Show the data after a destructive
> operation
>         --region REGION              Your AWS region
>     -t, --tags TAG1,TAG2             List of tags to output
>     -V, --verbose                    More verbose output. Use twice for max
> verbosity
>     -v, --version                    Show chef version
>     -y, --yes                        Say yes to all prompts for confirmation
>     -h, --help                       Show this message



--
[ Julian C. Dunn < "> >          * Sorry, I'm    ]
[ WWW: http://www.aquezada.com/staff/julian    * only Web 1.0  ]
[ gopher://sdf.org/1/users/keymaker/           * compliant!    ]
[ PGP: 91B3 7A9D 683C 7C16 715F 442C 6065 D533 FDC2 05B9       ]


Archive powered by MHonArc 2.6.16.

§