Use an instance profile or assume a role while accessing the S3 bucket

spotify / XCRemoteCache

Other

827 stars 50 forks source link

Use an instance profile or assume a role while accessing the S3 bucket #108

Closed devMEremenko closed 2 years ago

devMEremenko commented 2 years ago

Hi XCRemoteCache Team,

We are going to run XCRemoteCache on EC2 Macs in AWS.

Is it possible to use an instance profile or assume a role while accessing the S3 bucket?

Expected/desired behavior XCRemoteCache uses instance profile or assumes role while accessing S3 bucket

Relevant integration setup [X] Automatic integration using xcprepare integrate ...

Thanks!

polac24 commented 2 years ago

Hello! I assume you want to host your artifacts on S3 and EC2 is an environment where XCRemoteCache clients will run.

In short: Yes Details: To authorize XCRemoteCache clients into S3 you have to generate AWS access keys and according to Amazon's docs you can assign a profile to the IAM user. These AWS access keys should be added to the XCRemoteCache configuration described here.

devMEremenko commented 2 years ago

Hi @polac24,

Thanks for the reply!

Unfortunately, it's forbidden to use static keys for security reasons.

I've added support for AWS Temporary Access Keys as an alternative authorization method.

Let me know your thoughts there 😃