netbox-community / netbox

The premier source of truth powering network automation. Open source under Apache 2. Try NetBox Cloud free: https://netboxlabs.com/free-netbox-cloud/
http://netboxlabs.com/oss/netbox/
Apache License 2.0
15.9k stars 2.55k forks

IAM Role-based permissions for data sources (namely S3) #17646

Open kennedymeadows opened 1 day ago

kennedymeadows commented 1 day ago

NetBox version

v3.7.4

Feature type

Change to existing functionality

Proposed functionality

Currently, in order to add a new Amazon S3 bucket as a data source, you are required to provide an AWS access key ID and AWS secret access key. The requested change is to make these fields optional, as it is possible to grant role-based permissions to the server which is running NetBox to allow access to a bucket.

This is already possible for media storage via configuration.py:

# By default, uploaded media is stored on the local filesystem. Using Django-storages is also supported. Provide the
# class path of the storage driver in STORAGE_BACKEND and any configuration options in STORAGE_CONFIG. For example:
STORAGE_BACKEND = 'storages.backends.s3boto3.S3Boto3Storage'
STORAGE_CONFIG = {
    # 'AWS_ACCESS_KEY_ID': 'Key ID',
    # 'AWS_SECRET_ACCESS_KEY': 'Secret',
    'AWS_STORAGE_BUCKET_NAME': '<%= @netbox_data['s3']['bucket'] %>',
    'AWS_S3_REGION_NAME': 'us-west-2',
}

Use case

This would allow for script and report uploads for users who use role-based permissions for S3 access.

Database changes

No response

External dependencies

No response

kennedymeadows commented 1 day ago

I should add that this has actually already been asked, but there was no response. It was a pretty old issue, so I created this new one for clarity: https://github.com/netbox-community/netbox/issues/13072
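The behaviour requested in this issue, sketched as an added example (not NetBox code and not written by the issue author): a helper that treats the two key fields as optional and leaves credentials out entirely when both are blank, so boto3 resolves them through its default provider chain, which includes an instance or container role. The function names and the `params` dict layout are assumptions made for illustration; the keyword names are the ones `boto3.resource()` accepts.

```python
# Added illustration only. s3_resource_kwargs(), credential_mode() and the
# params layout are hypothetical; they are not part of NetBox.


class PartialKeyPairError(ValueError):
    """Only one half of the access-key pair was supplied."""


def _clean(value):
    # Form fields often arrive as None, "" or whitespace; treat all as unset.
    return (value or "").strip()


def s3_resource_kwargs(params):
    """Build keyword arguments for boto3.resource("s3", **kwargs).

    Both keys present -> static credentials are passed explicitly.
    Both keys blank   -> no credential kwargs at all, so boto3 falls back to
                         its default chain (environment, shared config,
                         instance/container role).
    One key only      -> rejected here instead of failing later at request time.
    """
    key_id = _clean(params.get("aws_access_key_id"))
    secret = _clean(params.get("aws_secret_access_key"))
    if bool(key_id) != bool(secret):
        raise PartialKeyPairError(
            "Set both the access key ID and the secret access key, or neither."
        )

    kwargs = {}
    region = _clean(params.get("region_name"))
    if region:
        kwargs["region_name"] = region
    if key_id:
        kwargs["aws_access_key_id"] = key_id
        kwargs["aws_secret_access_key"] = secret
    return kwargs


def credential_mode(params):
    """Label for logs that never includes the key material itself."""
    has_keys = "aws_access_key_id" in s3_resource_kwargs(params)
    return "static-keys" if has_keys else "default-chain"


if __name__ == "__main__":
    # Constructed sample input: a data source saved with both key fields blank.
    sample = {"region_name": "us-west-2", "aws_access_key_id": "",
              "aws_secret_access_key": ""}
    print(credential_mode(sample), s3_resource_kwargs(sample))
```

With the blank-field case returning no credential arguments, the role attached to the host is the only identity that can reach the bucket, and no long-lived secret is stored with the data source.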