Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-55721

Amazon Ec2Plugin Enhancement Request

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed (View Workflow)
    • Priority: Minor
    • Resolution: Not A Defect
    • Component/s: ec2-plugin
    • Labels:
    • Environment:
      Jenkins CloudBees 2.73.32
    • Similar Issues:

      Description

      My Jenkins master is on Prem Machine and once all the executors are occupied on the Master, a new Slave should spin up in the AWS account, .
      We have succeeded doing it when the Master Jenkins and the Slave Agents both are in AWS.
      But now i am trying to execute it when the Master is On Prem.

      We have Contacted the Enterprise CloudBees Support Team regarding the same and they have suggested to use user credentials approach to connect Jenkins to EC2 and they have confirmed these is the only available approach to use the Ec2 plugin to connect Jenkins with AWS.

      But in Our organization we have multi factor authentication and role based authorizations to connect to AWS environment.
      The way we connect to AWS console is as below:
      we first provide our AD credentials (user/pwd) followed by the symantec VIP token, once connected we get a list of roles
      which we need to select in order authorize.

      SO could you please consider the below Requirement and enhance the functionality to include Role Based authorization.

        Attachments

          Activity

          Hide
          kasojup prashanth kasoju added a comment -

          Hi Team,

          Can someone please help me in this context.

          Thankyou,

          Prashanth K.

          Show
          kasojup prashanth kasoju added a comment - Hi Team, Can someone please help me in this context. Thankyou, Prashanth K.
          Hide
          max_allan max allan added a comment -

          Can you use instance roles? Give the Jenkins EC2 master instance the role to create new instances etc...

          Show
          max_allan max allan added a comment - Can you use instance roles? Give the Jenkins EC2 master instance the role to create new instances etc...
          Hide
          thoulen FABRIZIO MANFREDI added a comment -

          To raise new nodes from jenkins in the AWS is not need to login in the console and use login and password.

          In jenkins you need only the access key and secret key of a user that is able to raise node, the api interface doesn't require the OTP (MFA), you don't have to use the username and password, and jenkins doesn't need it (it doesn't loggin in the console to raise node). 

          My suggestion is to create a bot user in the account where no one can logging, with the right role and access key/ secret key.

           

          Show
          thoulen FABRIZIO MANFREDI added a comment - To raise new nodes from jenkins in the AWS is not need to login in the console and use login and password. In jenkins you need only the access key and secret key of a user that is able to raise node, the api interface doesn't require the OTP (MFA), you don't have to use the username and password, and jenkins doesn't need it (it doesn't loggin in the console to raise node).  My suggestion is to create a bot user in the account where no one can logging, with the right role and access key/ secret key.  

            People

            • Assignee:
              thoulen FABRIZIO MANFREDI
              Reporter:
              kasojup prashanth kasoju
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: