Use temporary config/credentials files when deploying app

This is primarily useful when testing locally, so that the users aws config/credentials aren't
polluted, and adds little no value otherwise.

Signed-off-by: Collin J. Doering <collin@rekahsoft.ca>
This commit is contained in:
Collin J. Doering 2018-12-08 13:06:21 -05:00
parent ac8d11ca8f
commit e83ccfb521
Signed by: rekahsoft
GPG Key ID: 7B4DEB93212B3022

View File

@ -339,6 +339,10 @@ resource "null_resource" "deploy_app" {
provisioner "local-exec" {
interpreter = ["bash", "-c"]
command = <<SCRIPT
: Create temporary aws config and credentials files
export AWS_CONFIG_FILE=$(mktemp);
export AWS_SHARED_CREDENTIALS_FILE=$(mktemp);
: Add default AWS account profile;
aws configure --profile ${aws_iam_user.app_deploy.name} set aws_access_key_id ${aws_iam_access_key.app_deploy.id};
aws configure --profile ${aws_iam_user.app_deploy.name} set aws_secret_access_key ${aws_iam_access_key.app_deploy.secret};
@ -346,6 +350,9 @@ aws configure --profile ${aws_iam_user.app_deploy.name} set region ${var.region}
: Sync latest app build to s3 bucket;
aws --profile ${aws_iam_user.app_deploy.name} s3 sync --delete ../_site s3://${aws_s3_bucket.static.id}/;
: Cleanup temporary aws config and credentials files
rm $${AWS_CONFIG_FILE} $${AWS_SHARED_CREDENTIALS_FILE};
SCRIPT
}
}