camel-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ben Parry (JIRA)" <>
Subject [jira] [Created] (CAMEL-9210) Make credentials optional in AWS component. Use IAM role if not supplied.
Date Sat, 10 Oct 2015 07:59:05 GMT
Ben Parry created CAMEL-9210:

             Summary: Make credentials optional in AWS component. Use IAM role if not supplied.
                 Key: CAMEL-9210
             Project: Camel
          Issue Type: Bug
          Components: camel-aws
    Affects Versions: 2.16.0
            Reporter: Ben Parry
            Priority: Minor

AWS supports instance profiles so users don't need to manage credentials on individual instances.

Please update the AWS connector so that the access key and secret are optional, and if not
given try to use those provided by an instance profile attached to the instance if one exists.
Most AWS SDKs support this, so it should just be a matter of updating the AWS SDK and making
those two parameters optional.

As a bonus, it'd be great for development if it also looked in environment variables for the
token and secret as well. That way users of the AWS connector could choose not to pass the
token & secret, but if they exported them into their environment they would be picked
up. This would allow local development on a non-EC2 instance (i.e. an instance without an
instance profile attached).

So, the order of resolution would be:

1. If key & token are provided to the AWS connector, use them (current behaviour).
2. If not, try to pull out AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from environment variables,
and use those. If not present, expect the AWS SDK to look into an instance profile associated
with the instance for credentials.

See for an example implementation with python/boto. The suggestion
above mirrors the approach they take.

This message was sent by Atlassian JIRA

View raw message