You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jackrabbit.apache.org by "John Logan (JIRA)" <ji...@apache.org> on 2016/07/25 22:06:20 UTC

[jira] [Commented] (JCR-3831) S3 DataStore to use Instance Roles

    [ https://issues.apache.org/jira/browse/JCR-3831?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15392742#comment-15392742 ] 

John Logan commented on JCR-3831:
---------------------------------

Duplicate of resolved issue JCR-3886?

The patch for that issue used the AmazonS3Client(ClientConfiguration clientConfiguration) constructor if no accessKey/secretKey are provided, and a look at the AWS SDK code shows that this constructor does DefaultAWSCredentialsProviderChain.



> S3 DataStore to use Instance Roles
> ----------------------------------
>
>                 Key: JCR-3831
>                 URL: https://issues.apache.org/jira/browse/JCR-3831
>             Project: Jackrabbit Content Repository
>          Issue Type: Improvement
>          Components: jackrabbit-core
>         Environment: AWS EC2
>            Reporter: Oli Dewdney
>            Priority: Minor
>   Original Estimate: 2h
>  Remaining Estimate: 2h
>
> The S3Backend class currently requires the ACCESS_KEY and SECRET_KEY in the configuration. AWS allows the use of keys supplied to the EC2 Instance in the metadata to access the AWS API, thus removing hardcoded, permanent, externalably usable security info in config files.
> I propose the use of com.amazonaws.auth.DefaultAWSCredentialsProviderChain class instead of the BasicAWSCredentials class if the ACCESS_KEY is not supplied in the openService method of the /jackrabbit-aws-ext/src/main/java/org/apache/jackrabbit/aws/ext/Utils.java class.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)