-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Validate the aws account number which is worked on #8
Comments
I can't take a shot at this one. By "validate" do you mean prompt the user to acknowledge that the account number in the config is the desired one? |
Store account number in config... Get account number with aws api call and verify if they match |
The way I'm thinking about implementing this is to have the user add a property to src/test/resources/config.properties named "aws.targetAccount". In looking at how I would insert the logic to validate the account, I was thinking about creating a base class for the Delegator classes and put the logic in that base class. Ideally, I could refactor a lot of the boilerplate code from the Delegators into that base class. Does that work? |
Validating the account number on aws credential initialization would be better i believe. |
Are we limiting this for config driven accounts? What about credentials that are stored in environment variables or aws config files? Not sure the value of account number here? Perhaps "Who am I?" api call to see which account it is? |
|
So my understanding is that you want the user to indicate what account he is targeting via an env var. The code should then validate that the credentials that are being used are actually for that "target" account number. If the env var does not exist, then no validation takes place. |
Added comments here - https://github.com/intuit/CloudRaider/pull/13/files So the check priority will be like as follows:
|
Is your feature request related to a problem? Please describe.
Ppl often work with multiple aws accounts and often run scenarios or api calls inadvertently on the wrong aws account.
Describe the solution you'd like
Take acc no in the config and validate before performing any operations
Describe alternatives you've considered
This is usefull for a generic scanario where the names of ELB/ec2/tags are same across accounts
The text was updated successfully, but these errors were encountered: