AWS CLI

Is the command line tool allowing you to perform functions on the aws platform. In order for it to work in needs to

  • be configured for the correct credentials

* The AWS CLI signs requests on your behalf, and includes a date in the signature. Ensure that your computer's date and time are set correctly; if not, the date in the signature may not match the date of the request, and AWS rejects the request.

AWS Security

  • DefaultAWSCredentialsProviderChain - consists of a wrapper of the other creditial provider types. Including
public DefaultAWSCredentialsProviderChain() {
        super(new EnvironmentVariableCredentialsProvider(),
              new SystemPropertiesCredentialsProvider(),
              new ProfileCredentialsProvider(),
              new EC2ContainerCredentialsProviderWrapper());
    }

AWS credentials provider chain that looks for credentials in this order:

  • Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY (RECOMMENDED since they are recognized by all the AWS SDKs and CLI except for .NET), or AWS_ACCESS_KEY and AWS_SECRET_KEY (only recognized by Java SDK)
  • Java System Properties - aws.accessKeyId and aws.secretKey
  • Credential profiles file at the default location (~/.aws/credentials) shared by all AWS SDKs and the AWS CLI
  • Credentials delivered through the Amazon EC2 container service if AWS_CONTAINER_CREDENTIALS_RELATIVE_URI“ environment variable is set and security manager has permission to access the variable,
  • Instance profile credentials delivered through the Amazon EC2 metadata service

* EnvironmentVariableCredentialsProvider - Credentials provider based on AWS configuration profiles. This provider vends AWSCredentials from the profile configuration file for the default profile, or for a specific, named profile.

ProfileCredentialsProvider
 
aws.txt · Last modified: 2017/12/05 04:02 by root
 
RSS - 200 © CrosswireDigitialMedia Ltd