-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposal: Improved AWS configuration. #102
Conversation
Yeah - this sounds sensible to me. Thanks. Sorry for not looking at the other PRs before.
Where does this fit in? What would an example look like to do this? |
Co-authored-by: Jeremy Walker <jez.walker@gmail.com>
An example of this is you have role X, which has access to use Y on a different account, for access to resources in that account. See docs here: https://docs.aws.amazon.com/sdk-for-ruby/v3/developer-guide/setup-config.html#aws-ruby-sdk-credentials-access-token Full example:
|
Gotcha. Cool. Yep - this makes sense. Do it with a bump to the major version and I'll ship it. |
I accidentally made this draft almost a year ago, then forgot about it. Is good-to-go. Travis failure is unrelated. I have made an issue for this: #103 |
- moved upgrading to a separate doc - moved v1 to v2 changes there - wrote v2 to v3 update instructions
Also add missing comma.
Summary
Proposed change to Propono configuration, to allow more flexible AWS configuration, and defaults which match those of the
aws-sdk
.PR is currently a docs-only change, to encourage discussion, with code changes to follow after.
What problems does this solve?
Currently, AWS for Propono has two authentication options:
Proposed changes would:
~/.aws/credentials
or an IAM Role (if on EC2, ECS, etc).aws_options
, into which any options common to both SQS and SNS could be passed. Examples of these areregion
,access_key_id
, andsecret_access_key
.sqs_options
andsns_options
to configure per-service options. An example of where separate configuration might be useful is setting endpoints for development work. See Allow configuration of SNS and SQS endpoints. #95.Aws::AssumeRoleCredentials
.What about existing configuration options?
Currently, Propono provides
access_key
,secret_key
, andqueue_region
.Short term, remove these options from documentation, and have them continue to work silently. Optionally display a deprecation notice for each usage. This would allow current users to continue to use their existing authentication setup without modification.
On release of the next major version, remove these options entirely.