Can an AWS alternative to Access Keys be added? #644
Comments
|
Hi @jblukach - first, thank you for your support, we really appreciate it! Do you have an example / more info of what would be needed for this? This would be in place of using the access key env vars for storage? |
|
I appreciate all the effort into Webrecorder, which is a big project! I was wondering if it would be possible to use temporary credentials instead of the static access keys. The container inherits the permissions from the task policy that generates the temporary credentials at runtime that should be accessible from these environment variables.
I saw some past issues for minio around this that are a bit unclear of the outcome, but it does appear support was added, maybe? https://min.io/docs/minio/linux/developers/python/API.html It looks like multipart uploads got added, too; just CreateSession is still missing for support. https://min.io/docs/minio/linux/reference/s3-api-compatibility.html Is it possible to test for |
I assembled a Python stack for Cloud Development Kit (CDK) that runs the Browsertrix Crawler docker container as an ECS Fargate task.
I try to avoid users at all costs by using Amazon roles. Instead, could the container be configured to use the task policy first, but if not available, look for the access key?
https://github.com/jblukach/lunkerzero/blob/main/lunkerzero/lunkerzero_inspection.py#L167
It could potentially help with issue #448, which is to have Browsertrix Crawler run as a docker Lambda container.
The text was updated successfully, but these errors were encountered: