Authenticating AWS accounts for your PowerTools workspace environments
When you first create a workspace, you declare one or more environments in your
When you run
pt workspace sync, PowerTools will automatically build the infrastructure for your entire team, setting
up your AWS or GCP account(s) for each region.
When you run
pt workspace sync or
pt workspace teardown, we recommend providing AWS credentials which have the
iam policy available.
Since workspace sync and teardown configure your entire AWS account, including various clusters, dns zones and IAM roles, escalated permissions are required.
You can also provide root user credentials when running sync and teardown commands.
pt workspace sync, PowerTools will automatically create an IAM policy with the correct permissions for using
Each environment will have a role with the following format:pt-<workspace-id>-<env>-user-role-allowed
To add a user to an environment in your workspace:
user-role-allowedpolicy described above to that user
pt will prompt you for your
AWS_SECRET_ACCESS_KEY to authenticate with your cloud accounts.
Please find the credentials for your IAM account by following these directions.
If you are trying PowerTools out for personal use, or have a small team, you can provide root credentials to simplify credential management.
Root credentials are not recommended for production workspaces.