access environment.yaml data from the hooks
kapil.thangavelu at canonical.com
Fri Jul 11 11:36:01 UTC 2014
On Fri, Jul 11, 2014 at 4:44 AM, Tudor Rogoz <rogoz at adobe.com> wrote:
> Hi all,
> Is it possible to access the juju environment properties directly from
> the hooks?
> More precisely, I want to have access to the AWS credentials (defined in
> the environments.yaml file) directly from the hooks, is this possible? I
> can workaround the situation, by defining specific config properties and
> duplicate the information there and this way I can get the data by calling
> ‘config-get’ function.But I’m just thinking if maybe it would be a cleaner
> way to achieve this.Ideas?
Juju doesn't allow for extraction of provider credentials from the state
server as a security measure. Its typically much better to define these as
charm config properties, because you can use a separate iam account that's
permission scoped to the usage you want rather than proliferating a more
privileged account. Even better is using iam roles (
with manual provisioning and workload placement (deploy --to) against the
ec2 provider and avoiding the credential management entirely.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Juju