You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After doing some research, this might be easier than I expected. If we change the AWS access key environment variables to optional and allow the SDK to detect and use the built-in provider. That way, access to the S3 bucket can be assigned to the Content Building Block itself instead of using access keys. https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html
When you initialize a new service client without providing any credential arguments, the SDK uses the default credential provider chain to find AWS credentials. The SDK uses the first provider in the chain that returns credentials without an error. The default provider chain looks for credentials in the following order:
1. Environment variables.
2. Shared credentials file.
3. If your application uses an ECS task definition or RunTask API operation, IAM role for tasks.
4. If your application is running on an Amazon EC2 instance, IAM role for Amazon EC2.
The SDK detects and uses the built-in providers automatically, without requiring manual configurations. For example, if you use IAM roles for Amazon EC2 instances, your applications automatically use the instance’s credentials. You don’t need to manually configure credentials in your application.
As a best practice, AWS recommends that you specify credentials in the following order:
1. Use IAM roles for tasks if your application uses an ECS task definition or RunTask API operation.
2. Use IAM roles for Amazon EC2 (if your application is running on an Amazon EC2 instance).
IAM roles provide applications on the instance temporary security credentials to make AWS calls. IAM roles provide an easy way to distribute and manage credentials on multiple Amazon EC2 instances.
3. Use a shared credentials file.
This credentials file is the same one used by other SDKs and the AWS CLI. If you’re already using a shared credentials file, you can also use it for this purpose.
4. Use environment variables.
Setting environment variables is useful if you’re doing development work on a machine other than an Amazon EC2 instance.
IAM Roles for Tasks
If your application uses an Amazon ECS task definition or RunTask operation, use IAM Roles for Tasks to specify an IAM role that can be used by the containers in a task.
The text was updated successfully, but these errors were encountered:
From Tim Morgan (Slack URL):
After doing some research, this might be easier than I expected. If we change the AWS access key environment variables to optional and allow the SDK to detect and use the built-in provider. That way, access to the S3 bucket can be assigned to the Content Building Block itself instead of using access keys.
https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html
When you initialize a new service client without providing any credential arguments, the SDK uses the default credential provider chain to find AWS credentials. The SDK uses the first provider in the chain that returns credentials without an error. The default provider chain looks for credentials in the following order:
1. Environment variables.
2. Shared credentials file.
3. If your application uses an ECS task definition or RunTask API operation, IAM role for tasks.
4. If your application is running on an Amazon EC2 instance, IAM role for Amazon EC2.
The SDK detects and uses the built-in providers automatically, without requiring manual configurations. For example, if you use IAM roles for Amazon EC2 instances, your applications automatically use the instance’s credentials. You don’t need to manually configure credentials in your application.
As a best practice, AWS recommends that you specify credentials in the following order:
1. Use IAM roles for tasks if your application uses an ECS task definition or RunTask API operation.
2. Use IAM roles for Amazon EC2 (if your application is running on an Amazon EC2 instance).
IAM roles provide applications on the instance temporary security credentials to make AWS calls. IAM roles provide an easy way to distribute and manage credentials on multiple Amazon EC2 instances.
3. Use a shared credentials file.
This credentials file is the same one used by other SDKs and the AWS CLI. If you’re already using a shared credentials file, you can also use it for this purpose.
4. Use environment variables.
Setting environment variables is useful if you’re doing development work on a machine other than an Amazon EC2 instance.
IAM Roles for Tasks
If your application uses an Amazon ECS task definition or RunTask operation, use IAM Roles for Tasks to specify an IAM role that can be used by the containers in a task.
The text was updated successfully, but these errors were encountered: