https://www.runatlantis.io/ logo
Title
c

Christoffer Nicklasson

03/28/2023, 10:19 AM
Howdy, any sugestions on how to run atlantis with different creds per team pr comes from ? As i would like to if a team members is doing some changes it should only use creds for that team and not the same as infra team needs to build core things, or is better then to run multiple atlantis instances ?
g

George

03/28/2023, 12:02 PM
You can mange it via different roles via specification in cloud provider if we are talking about aws for example.
j

Jonathan

03/28/2023, 12:26 PM
are theses PRs all from the same repo?
c

Christoffer Nicklasson

03/28/2023, 12:27 PM
No. every project have there own repo and owned by a team i rather not do it via provider as that then could be bypassed by the team
j

Jonathan

03/28/2023, 12:52 PM
then i'd run multiple Atlantis instances with different repo whitelistings
☝️ 1
c

Chastity Blackwell

03/28/2023, 1:07 PM
That's really the only option if you want to make sure that Atlantis can't do what you're asking.
c

Christoffer Nicklasson

03/28/2023, 1:28 PM
then we where no so off thinking thats our only option. Thanxs :thumbsup_all:
🙌 1
t

tpol

03/28/2023, 3:48 PM
You can try to do a custom workflow for each project and use pre_hook to set up correct credentials if i understood your request correctly
👍 1
c

Christoffer Nicklasson

03/28/2023, 3:50 PM
Where thinking if we could do it and dynamic with variables
m

Marcelo Leandro

03/29/2023, 7:28 AM
I think that you can try use direnv
you can use .envrc to set diferentes environments variables to each project/repository
then you can use something like it :
- run: direnv exec . terraform plan -input=false -out=$PLANFILE
in the workflow
o

Omkar Halankar

04/03/2023, 10:07 AM
@Christoffer Nicklasson finally did you try out anything other than aws_profiles in providers. ?
c

Christoffer Nicklasson

04/12/2023, 5:53 AM
been on vacation , so haven't got time to test