You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@usergrid.apache.org by "Alex Karasulu (JIRA)" <ji...@apache.org> on 2014/07/21 17:10:38 UTC
[jira] [Commented] (USERGRID-197) [CHOP] Provide mechanism for
providing AWS creds to cluster instances
[ https://issues.apache.org/jira/browse/USERGRID-197?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14068602#comment-14068602 ]
Alex Karasulu commented on USERGRID-197:
----------------------------------------
This issue may not be needed. Let me try to explain.
The maven plugin for chop can take the AWS creds you refer to. However as you advise this should never be supplied as is because the pom.xml is stored in git and is accessible to everyone so it is a security problem.
The way we have been doing this is by using property substitution via the per user maven settings.xml file in ~/m2/settings.xml. I usually setup a profile which is active by default to hold property values like credentials for AWS. Here's an example of a relevant section of my personal maven settings.xml file:
{noformat}
<profile>
<id>judo-chop</id>
<properties>
<aws.s3.key>xxxxxxxxxxxxx</aws.s3.key>
<aws.s3.secret>xxxxxxxxxxxx</aws.s3.secret>
...
</properties>
</profile>
....
<activeProfiles>
<activeProfile>judo-chop</activeProfile>
</activeProfiles>
</settings>
{noformat}
Then you can use these properties in the pom.xml within the chop plugin's configuration.
Hope this helps!
> [CHOP] Provide mechanism for providing AWS creds to cluster instances
> ---------------------------------------------------------------------
>
> Key: USERGRID-197
> URL: https://issues.apache.org/jira/browse/USERGRID-197
> Project: Usergrid
> Issue Type: Story
> Components: Chop
> Reporter: David Johnson
>
> In a cluster setup script, we need to be able to download things from S3 and so we need AWS credentials to be passed.
> We cannot specify them in the stack.json file because that file is to be kept in source code control.
--
This message was sent by Atlassian JIRA
(v6.2#6252)