Comments (6)
I run iambic using docker run
alias iambic="docker run -it -u $(id -u):$(id -g) -v ${HOME}/.aws:/app/.aws:ro -e AWS_CONFIG_FILE=/app/.aws/config -e AWS_SHARED_CREDENTIALS_FILE=/app/.aws/credentials -e "AWS_PROFILE" -e HOME=/app -v /home/datfinesoul/github/undefined-io/iambic-templates:/templates:Z public.ecr.aws/iambic/iambic:latest"For me running
iambic upgrade
would still be useful if that generated changes for the supporting infrastructure. In terms of the executable upgrading itself, would upgrade still be possible using the way I run it?
Potentially I see two ways of doing this.. 1: would be just repulling the updated container, or two you could bash into the container using docker exec and issue the command that way
from iambic.
I run iambic using docker run
alias iambic="docker run -it -u $(id -u):$(id -g) -v ${HOME}/.aws:/app/.aws:ro -e AWS_CONFIG_FILE=/app/.aws/config -e AWS_SHARED_CREDENTIALS_FILE=/app/.aws/credentials -e "AWS_PROFILE" -e HOME=/app -v /home/datfinesoul/github/undefined-io/iambic-templates:/templates:Z public.ecr.aws/iambic/iambic:latest"
For me running iambic upgrade
would still be useful if that generated changes for the supporting infrastructure. In terms of the executable upgrading itself, would upgrade still be possible using the way I run it?
from iambic.
if you wanted there might be a way to do it as a scheduled Cron job inside the docker container to every 48 hours or so run iambic upgrade
from iambic.
Slack conversation for reference: https://noqcommunity.slack.com/archives/C02P9E8BDK6/p1684167712633089
from iambic.
@mxw-sec For NOQ, we would do a terraform apply
at https://github.com/noqdev/iambic/tree/main/deployment/github_app. (We actually have terraform monorepo for other stuffs in the company, we will have a slightly modified version like s3 states instead of local states). (Background on why we have terraform there because there is the container image pushing piece (ECR), lambda update piece. So terraform happens to be least path of resistance when I was working at the AWS deployment piece. Looking for feedback there.)
How are you deploying your lambda workflow? Knowing how you typically manage such lambda environment may lead to other solutions.
from iambic.
In this case I used the provided terraform modules. But I wonder if a Cloudformation Stack wouldn't be a better long term solution once the upgrade command is added.
Mainly for the fact that not everyone has terraform in their environment, let alone the experience to actually apply tf stacks.
Could there be a built in function one day inside iambic to deploy a CF stack for the integration, same way yall create the IAM roles??
iambic integrate
But that is future state for sure.
from iambic.
Related Issues (20)
- AWS IdentityCenter with AD Azure Connector that is not a fully qualified domain fail to import HOT 8
- Setup doesn't work on Windows OS HOT 1
- iambic setup does not check the CF Stacksets permission after the first detection HOT 2
- Encoding error when writing proposed_changes.txt file HOT 2
- Exception raised when iambic plan command is run on empty template file HOT 2
- IndexError('list index out of range') in import resources HOT 3
- ResourceNotFoundException in import resources HOT 6
- ValidationError(model='PermissionSetProperties') in iambic import HOT 2
- Assertion against new exclude_account during import.
- iambic does not throw warning/error for users/groups that do not exists in the Idp
- NOQ::AWS::Organizations::SCP Filter does not work
- iambic setup does not instruct the user regarding their AWS account cannot be use to setup AWS Organization
- Python Signal error on Windows OS HOT 2
- (continuous integration) we want to auto generate schema docs
- (aws role) the default description on a role should be None instead of ""
- Iambic Detect Fails AWS HOT 2
- (Google workspace) support user creation using iambic templates HOT 2
- Flag up attempts to change import_only resources HOT 1
- IAMbic plan fails for multi account yamls HOT 5
- Add import rules for Okta Configs
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from iambic.