Page 1 of 1
Inheriting AWS S3 access rights from instance role
Posted: Thu Feb 08, 2024 2:31 pm
by Jean-Michel
Hello,
We have started evaluating running Syncovery as a Docker in AWS Elastic Container Service
On the AWS ECS task we have configured the role to have access to our buckets in order to avoid using AccessKey+SecretKey
So you know if this is supposed to work ?
Anyone had it to work ?
Thanks
Re: Inheriting AWS S3 access rights from instance role
Posted: Thu Feb 08, 2024 3:56 pm
by tobias
Currently the only way Syncovery can access the S3 API is using an access key and a secret key.
I will look into adding alternative ways of authentication (should they exist) in the future.
Re: Inheriting AWS S3 access rights from instance role
Posted: Fri Feb 09, 2024 8:31 am
by Jean-Michel
Thanks a lot Tobias
We will live with key credentials for now
Indeed when using the AWS SDK from inside an AWS infrastructure such as a Lambda, a docker task etc ... you assign a role to that instance which can have well defined access rights to the AWS services. In that case, you don't need to provide the keys.
For exemple we have a lot of python codes. To access S3 we just do
Code: Select all
import boto3
s3_client = boto3.client("s3")
and the code inherits the rights given to the instance
Happy to help or do some testing if you ever go in that direction
Thanks
Re: Inheriting AWS S3 access rights from instance role
Posted: Fri Feb 09, 2024 10:30 am
by tobias
Hello,
yes, I will definitely look into it!
Thanks.