[AWSFNDN-25] Port AWSFNDN-22 commits to master Created: 13/Apr/21  Updated: 22/Apr/21  Resolved: 16/Apr/21

Status: Closed
Project: AWS foundation (closed)
Component/s: None
Affects Version/s: None
Fix Version/s: 1.0.3

Type: Task Priority: Neutral
Reporter: Simon Lutz Assignee: Jesus Alonso
Resolution: Fixed Votes: 0
Labels: maintenance
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Relates
relates to AWSFNDN-22 aws-s3-connector: Option for not usin... Closed
dependency
is depended upon by EXTDAM-258 DOC: Update extdam S3 config info for... Closed
Template:
Acceptance criteria:
Empty
Task DoR:
Empty
Documentation update required:
Yes
Date of First Response:
Epic Link: AWSFNDN 2.0-cloud
Sprint: Maintenance 53
Story Points: 1

 Description   

See AWSFNDN-22



 Comments   
Comment by Jesus Alonso [ 16/Apr/21 ]

Commit merged in master

Hello jlegendre, I think we need to update our documentation. This ticket allows using the aws-s3-connector without using the credentials of our Password app. To do so, it is needed to add the following properties into the magnolia.properties file:

 

magnolia.aws.validateCredentials=false
magnolia.aws.useCredentials=false

 

Then, for setting the credentials, we have to follow the instructions of https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html

 

  1. Environment variablesAWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY. The AWS SDK for Java uses the EnvironmentVariableCredentialsProvider class to load these credentials.
  1. Java system propertiesaws.accessKeyId and aws.secretKey. The AWS SDK for Java uses the SystemPropertiesCredentialsProvider to load these credentials.
  1. Web Identity Token credentials from the environment or container.
  1. The default credential profiles file– typically located at ~/.aws/credentials (location can vary per platform), and shared by many of the AWS SDKs and by the AWS CLI. The AWS SDK for Java uses the ProfileCredentialsProvider to load these credentials.

You can create a credentials file by using the aws configure command provided by the AWS CLI, or you can create it by editing the file with a text editor. For information about the credentials file format, see AWS Credentials File Format.

  1. Amazon ECS container credentials– loaded from the Amazon ECS if the environment variable AWS_CONTAINER_CREDENTIALS_RELATIVE_URI is set. The AWS SDK for Java uses theContainerCredentialsProvider to load these credentials. You can specify the IP address for this value.
  1. Instance profile credentials– used on EC2 instances, and delivered through the Amazon EC2 metadata service. The AWS SDK for Java uses the InstanceProfileCredentialsProvider to load these credentials. You can specify the IP address for this value.
Comment by Julie Legendre [ 16/Apr/21 ]

Hi jalonso, thanks for the info

Is this an alternative or does it replace the password app way? 

I'm guessing this will come into effect with the next version of external dam on prem, correct?

Thanks!

J

Comment by Jesus Alonso [ 16/Apr/21 ]

It's an alternative and it will be ready, as you say, in the next aws-s3-connector release (so it would not be necessary to update the magnolia-external-dam-s3 connector.

Comment by Julie Legendre [ 16/Apr/21 ]

OK, so cloud only, got it! thank you for the clarification.

Comment by Jesus Alonso [ 16/Apr/21 ]

It's not cloud only, it could be used everywhere (but it was first developed for our cloud). The key is that it allows not using the password app for storing the aws credentials.

Comment by Julie Legendre [ 19/Apr/21 ]

oops ok, thanks

Generated at Sun Feb 11 23:23:43 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.