We all know it's good practice to rotate your AWS credentials. But it's a pain when you need to update config files in six different apps every time you rotate.
AWSCredentials is here to make your life easier.
Put a YAML file up on your server at /etc/aws.conf that contains
access_key: your-access-key secret_access_key: your-secret-access-key
In your code
and then check
to retrieve the credentials.
When you rotate your keys, update /etc/aws.conf, restart your applications, and everything should be up-to-date.
Multiple credential sets
If you have a separate set of credentials for staging, you can set
AWSCredentials.environment = :staging
Credentials will be read from '/etc/aws.staging.conf'.
This convention works with any environment name.
You can also ask for specific credentials, for example
To avoid needless AWSCredentials.envrionment sets in Rails, envrionment defaults to RAILS/RACK_ENV environmental variables.
So, in staging, your app will try to read config from
You're always welcome to set environment or config_path in the environment files to override.
Other config layouts
If want to store your AWS keys in a different file, you can set
AWSCredentials.config_path = '/some/other/path'
to pick up the YAML file from a different location.
Copyright © 2009 Ben Koski. See LICENSE for details.