access environment.yaml data from the hooks

Kapil Thangavelu kapil.thangavelu at
Fri Jul 11 11:36:01 UTC 2014

On Fri, Jul 11, 2014 at 4:44 AM, Tudor Rogoz <rogoz at> wrote:

>  Hi all,
>  Is it possible to access the juju environment properties directly from
> the hooks?
> More precisely, I want to have access to the AWS credentials (defined in
> the environments.yaml file) directly from the hooks, is this possible? I
> can workaround the situation, by defining specific config properties  and
> duplicate the information there and this way I can get the data by calling
> ‘config-get’ function.But I’m just thinking if maybe it would be a cleaner
> way to achieve this.Ideas?
Juju doesn't allow for extraction of provider credentials from the state
server as a security measure. Its typically much better to define these as
charm config properties, because you can use a separate iam account that's
permission scoped to the usage you want rather than proliferating a more
privileged account. Even better is using iam roles (
with manual provisioning and workload placement (deploy --to) against the
ec2 provider and avoiding the credential management entirely.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Juju mailing list