search

flownative / flow-aws-s3

Amazon S3 adaptor for Neos and Flow
MIT License
18 stars 33 forks source link

Do not set default "dummy" credentials in default settings #39

Closed baschny closed 3 years ago

baschny commented 3 years ago

We use AWS instance profiles to authenticate the application with S3 (instead of hardcoding AWS credentials). This is supported by the AWS PHP-API and also works, but requires us to not set any credential. Our first try we did that, but stumbled over dummy credentials:

          credentials:
            key: 'ABCD123EFG456HIJ7890'
            secret: 'aBc123DEf456GHi789JKlMNopqRsTuVWXyz12345'

We didn't noticed that at first and were debugging why the access was being denied, until we did a:

./flow configuration:show --path Flownative.Aws.S3.profiles.default

which solved the mystery. So a suggestion: remove these hardcoded dummy values, maybe just keep them commented out so we don't need to override them if not required.

baschny commented 3 years ago

The solution with current code is:


Flownative:
  Aws:
    S3:
      profiles:
        default:
          credentials: ~