Perl 6 - the future is here, just unevenly distributed

IRC log for #confidant, 2016-04-28

| Channels | #confidant index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
07:32 lyftbot left #confidant
07:32 lyftbot joined #confidant
12:03 ilbot3 joined #confidant
12:03 Topic for #confidant is now Secret management for AWS. https://lyft.github.io/confidant Channel logs at http://irclog.perlgeek.de/confidant/
12:10 lyftbot left #confidant
12:11 lyftbot joined #confidant
18:49 lyftbot [pnathan] Huh. Trying to get the KMS key policy for the auth key set up - adding in the     "Principal" : {         "AWS" : "arn:aws:iam::1234:role/confidant-role"      }  clause gives me rejection by AWS.
18:50 lyftbot [pnathan] (1234 redacted from my acct #)
18:52 lyftbot [pnathan] I wonder: does it require having the role precreated? Havn't done much with KMS before.
19:21 Ryan_Lane hey pnathan
19:22 Ryan_Lane yeah, the role needs to exist first
19:22 Ryan_Lane which is _really_ annoying
19:22 Ryan_Lane KMS is one of the only services that cares about that kind of stuff
19:23 Ryan_Lane I wonder what happens if you delete the role after it's been added to the key. it probably continues working, but won't allow you to update it anymore :D
19:23 Ryan_Lane poor feature imo
19:52 lyftbot [pnathan] yeah, no kidding
19:53 lyftbot [pnathan] @pnathan grinds to the next problem, whatever it is
20:26 Ryan_Lane pnathan: if the grant creations become an issue when creating services, let me know and I can maybe write some docs up on IAM policy for kms auth
20:26 Ryan_Lane there's unfortunately no docs from AWS about IAM policy for KMS
23:39 lyftbot [pnathan] I'm the IAM dude at my fine institution: I understood what you meant in the docs. The docs could be _clearer_, but, blah, IAM is a mountain of pain

| Channels | #confidant index | Today | | Search | Google Search | Plain-Text | summary