Perl 6 - the future is here, just unevenly distributed

IRC log for #confidant, 2016-05-06

| Channels | #confidant index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
01:48 ilbot3 joined #confidant
01:48 Topic for #confidant is now Secret management for AWS. https://lyft.github.io/confidant Channel logs at http://irclog.perlgeek.de/confidant/
07:56 abrody_ joined #confidant
13:04 lyftbot left #confidant
13:04 lyftbot joined #confidant
13:44 lyftbot [ambrons] I have a quick question around the `context` aka aws role you have to configure for confidant.  I'm pretty sure I know the answer here, but Confidant needs to know the AWS roles the EC2 instance hosting the application is running as correct?  I'm assuming since there aren't AWS Access Keys involved it's running as the instance's role not magically it's own?
14:01 lyftbot [ambrons] I'm also running into a new error around dynamodb:
14:01 lyftbot I'm getting `KeyError: u'data'`.
14:01 lyftbot I have a feeling it's probably because of my mental transformation of this
14:01 lyftbot ```
14:01 lyftbot data_type_date_index:
14:01 lyftbot hash key: data_type
14:01 lyftbot hash key data type: S
14:01 lyftbot range key: modified_date
14:01 lyftbot range key data type: S
14:01 lyftbot data_type_revision_index:
14:01 lyftbot hash key: data_type
14:01 lyftbot hash key data type: S
15:16 lyftbot [ambrons] I'm also getting the following errors:
15:16 lyftbot ```
15:16 lyftbot for cred in Credential.data_type_date_index.query('credential'):
15:16 lyftbot hash_key = hash_key_attr.deserialize(hash_key)
15:16 lyftbot AttributeError: 'NoneType' object has no attribute 'deserialize'
15:16 lyftbot ```
15:16 lyftbot So clearly I didn't translate the boto configuration to AWS console commands for DynamoDB.
17:10 Ryan_Lane hey @ambrons, sorry about the dynamo docs, they're not great
17:10 Ryan_Lane @ambrons, if you delete the table, and give confidant IAM permissions to create its own table, it'll do so
17:11 Ryan_Lane we have a bug open to make the schema as defined match the terms used in the aws console
17:12 Ryan_Lane as for the IAM role for confidant, if it's launched on an instance with an IAM role attached as an instance profile, the IAM role credentials will be available to it through the metadata service running on the instance
17:12 Ryan_Lane so it doesn't need to know anything about the role
17:12 Ryan_Lane boto3 will automatically fetch the credentials from the metadata service, if they're available
18:29 lyftbot [ambrons] @ryan-lane No biggy, do I need to be using 1.1 branch?  I'm using ECS + Docker version from 2 months ago?  I'll build the 1.1 into a Docker Image and host in our private repo, just need to know that's what I need to do first.
18:29 lyftbot In short I wasn't sure 1.1 was prime-time yet.
18:30 Ryan_Lane even in 1.0 it'll create your dynamo table
18:30 Ryan_Lane if you give it permissions to
18:30 Ryan_Lane but... you need to use the latest docker image
18:30 Ryan_Lane 1.1 is basically always usable, as we run that branch in production and do continous release on it
18:31 Ryan_Lane but... the docs are written for 1.0
18:31 Ryan_Lane so none of the new features are documented and there's one breaking change for auth (callback url changed)

| Channels | #confidant index | Today | | Search | Google Search | Plain-Text | summary