Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(ec2): allow --http-proxy and --https-proxy in Cloudformation helper scripts #19479

Open
1 of 2 tasks
maafk opened this issue Mar 20, 2022 · 2 comments
Open
1 of 2 tasks

(ec2): allow --http-proxy and --https-proxy in Cloudformation helper scripts #19479

maafk opened this issue Mar 20, 2022 · 2 comments
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud effort/small Small work item – less than a day of effort feature-request A feature should be added or improved. p2

Comments

@maafk
Copy link
Contributor

maafk commented Mar 20, 2022

Description

Cloudformation helper scripts such as cfn-init include options that allow users to set proxies.

/opt/aws/bin/cfn-init --https-proxy https://my-proxy.com

These options aren't available in ApplyCloudFormationInitOptions

Use Case

When operating in locked down networks where proxies are required to reach Cloudformation endpoints, the --http-proxy and/or --https-proxy options are necessary

Proposed Solution

In ApplyCloudFormationInitOptions, allow the option for httpProxy and httpsProxy

Other information

I have a PR ready

Acknowledge

  • I may be able to implement this feature request
  • This feature might incur a breaking change
@maafk maafk added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Mar 20, 2022
@github-actions github-actions bot added the @aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud label Mar 20, 2022
@maafk maafk mentioned this issue Mar 20, 2022
Closed
2 tasks
@corymhall
Copy link
Contributor

I am unassigning and marking this issue as p2, which means that we are unable to work on this immediately.

If you have a PR ready that is great, we definitely welcome contributions!

We use +1s to help prioritize our work, and are happy to revaluate this issue based on community feedback. You can reach out to the cdk.dev community on Slack to solicit support for reprioritization.

@corymhall corymhall added p2 effort/small Small work item – less than a day of effort and removed needs-triage This issue or PR still needs to be triaged. labels Mar 21, 2022
@corymhall corymhall removed their assignment Mar 21, 2022
@maafk
Copy link
Contributor Author

maafk commented Aug 1, 2022

@corymhall

Working on a PR for this, but struggling with a circular dependency issue.

Since a --http-proxy or --https-poxy string can have sensitive data in it (e.g. https://user:password@host:port), I'd like to use a secrets manager secret to put the password in.

To enable use of aws-secretsmanager within the aws-ec2 package, I'd add "@aws-cdk/aws-secretsmanager": "0.0.0", to packages/@aws-cdk/aws-ec2/package.json.

However "@aws-cdk/aws-ec2": "0.0.0", is already a dependency in packages/@aws-cdk/aws-secretsmanager/package.json.

Is it possible to use aws-secretsmanager constructs within aws-ec2? Any other packages doing a workaround for something like this that I can learn from?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud effort/small Small work item – less than a day of effort feature-request A feature should be added or improved. p2
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(ec2): add options for Cfn init proxies
2 participants
@maafk @corymhall