Credentials provider
- Fabian Nola
- Kemal Erki
From tia® CS core version 2.0.3 it is possible to select different credentials providers for the authentication against the S3 storage.
The following providers are available:
basic
instanceprofile
basic
The basic provider authenticates against S3 with username/password.
<repo>.contentservice.s3blobstore.connectionuser=username
<repo>.contentservice.s3blobstore.connectionpass=password
<repo>.contentservice.s3blobstore.credentialsprovider=basicinstanceprofile
Authentication is handled internally via instanceprofile, without any credentials on our part.
This provider can only be used if tia® CS core is also running in the AWS environment.
<repo>.contentservice.s3blobstore.credentialsprovider=instanceprofile
<repo>.contentservice.s3blobstore.region=<region> (e.g. eu-central-1)When using instanceprofile, do not use the endpoint parameter. This leads to undesirable behavior.
Instead, it is sufficient to identify the bucket using the region and bucketname parameters.
How exactly AWS has to be configured for the scenario can be read under Instance profile configuration in AWS .
Alternatively we can use ECS services to deploy a container image. For this purpose read this documentation: Attach task-execution role to task definition in Elastic Container Service