Backend/S3: Add support for overriding EC2 Metadata Service endpoint (#767)

Signed-off-by: Marcin Białoń <mbialon@spacelift.io>
Marcin Białoń
2023-10-24 16:24:55 +02:00
committed by GitHub
parent 45e5056626
commit 46e1c66f45
3 changed files with 16 additions and 9 deletions


@@ -240,6 +240,16 @@ func (b *Backend) ConfigSchema(context.Context) *configschema.Block {
Optional: true,
Description: "File containing custom root and intermediate certificates. Can also be configured using the `AWS_CA_BUNDLE` environment variable.",
},
"ec2_metadata_service_endpoint": {
Type: cty.String,
Optional: true,
Description: "The endpoint of IMDS.",
},
"ec2_metadata_service_endpoint_mode": {
Type: cty.String,
Optional: true,
Description: "The endpoint mode of IMDS. Valid values: IPv4, IPv6.",
},
"assume_role": {
NestedType: &configschema.Object{
Nesting: configschema.NestingSingle,
@@ -593,7 +603,9 @@ func (b *Backend) Configure(ctx context.Context, obj cty.Value) tfdiags.Diagnost
{Name: "APN", Version: "1.0"},
{Name: httpclient.DefaultApplicationName, Version: version.String()},
},
CustomCABundle: stringAttrDefaultEnvVar(obj, "custom_ca_bundle", "AWS_CA_BUNDLE"),
CustomCABundle: stringAttrDefaultEnvVar(obj, "custom_ca_bundle", "AWS_CA_BUNDLE"),
EC2MetadataServiceEndpoint: stringAttrDefaultEnvVar(obj, "ec2_metadata_service_endpoint", "AWS_EC2_METADATA_SERVICE_ENDPOINT"),
EC2MetadataServiceEndpointMode: stringAttrDefaultEnvVar(obj, "ec2_metadata_service_endpoint_mode", "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE"),
}
if val, ok := boolAttrOk(obj, "use_legacy_workflow"); ok {
@@ -614,14 +626,6 @@ func (b *Backend) Configure(ctx context.Context, obj cty.Value) tfdiags.Diagnost
cfg.SharedCredentialsFiles = []string{val}
}
if val, ok := boolAttrOk(obj, "skip_metadata_api_check"); ok {
if val {
cfg.EC2MetadataServiceEnableState = imds.ClientDisabled
} else {
cfg.EC2MetadataServiceEnableState = imds.ClientEnabled
}
}
if value := obj.GetAttr("assume_role"); !value.IsNull() {
cfg.AssumeRole = configureNestedAssumeRole(obj)
} else if value := obj.GetAttr("role_arn"); !value.IsNull() {
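Review bot: The new schema descriptions for `ec2_metadata_service_endpoint` and `ec2_metadata_service_endpoint_mode` do not mention the `AWS_EC2_METADATA_SERVICE_ENDPOINT` and `AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE` fallbacks that the Configure hunk wires up through `stringAttrDefaultEnvVar`, although the neighbouring `custom_ca_bundle` description does name its variable. Because this setting decides which address the backend asks for instance credentials, each description should end with a sentence like "Can also be configured using the AWS_EC2_METADATA_SERVICE_ENDPOINT environment variable." (and the `_MODE` variant for the second attribute). No validation is visible in these hunks for either value (a well-formed URL for the endpoint, exactly IPv4 or IPv6 for the mode); if it is not done outside the hunks, a check during configuration would catch a mistyped value before it reaches the AWS config. The last hunk also drops the `skip_metadata_api_check` block that set `cfg.EC2MetadataServiceEnableState`; unless that attribute is still handled outside the visible lines, the flag would no longer turn the IMDS client off, so this is worth confirming. Both ConfigSchema and Configure begin and end outside the hunks shown.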