From Core of tia version 2.0.3 it is possible to select different credentials providers for the authentication against the S3 storage.
The following providers are available:
basic
instanceprofile
basic
The basic provider authenticates against S3 with username/password.
<repo>.contentservice.s3blobstore.connectionuser=username <repo>.contentservice.s3blobstore.connectionpass=password <repo>.contentservice.s3blobstore.credentialsprovider=basic
instanceprofile
Authentication is handled internally via instanceprofile, without any credentials on our part.
This provider can only be used if Core of tia is also running in the AWS environment.
<repo>.contentservice.s3blobstore.credentialsprovider=instanceprofile <repo>.contentservice.s3blobstore.region=<region> (e.g. eu-central-1)
When using instanceprofile, do not use the endpoint parameter. This leads to undesirable behavior.
Instead, it is sufficient to identify the bucket using the region and bucketname parameters.
How exactly AWS has to be configured for the scenario can be read under Instance profile configuration in AWS .