[jboss-jira] [JBoss JIRA] (JGRP-2109) S3_PING: add support for instance metadata
Kerem Kacel (JIRA)
issues at jboss.org
Mon Oct 10 07:29:00 EDT 2016
[ https://issues.jboss.org/browse/JGRP-2109?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13304817#comment-13304817 ]
Kerem Kacel commented on JGRP-2109:
-----------------------------------
Thanks for responding.
The implementations I listed already support it, but I'm asking if there is a plan to add support in the official JGroups project.
A commercial product we bought uses JGroups, and it's much easier to ask them to upgrade to the latest JGroups.
Why the feature is valuable:
A cloud security best-practice is to secure resources using IAM roles instead of IAM users, and to use instance profile instead of storing long-lived AWS access keys in config files.
> S3_PING: add support for instance metadata
> ------------------------------------------
>
> Key: JGRP-2109
> URL: https://issues.jboss.org/browse/JGRP-2109
> Project: JGroups
> Issue Type: Feature Request
> Reporter: Kerem Kacel
> Assignee: Bela Ban
> Fix For: 4.1
>
>
> The AWS libraries used by S3_PING do not support authenticating into the AWS API via the EC2 instance profile (implicit credentials stored on the AWS EC2 instance).
> The AWS SDK for Java supports instance profile. This eliminates the need for storing AWS access keys in config files.
> Are there any plans to add official support for this in JGroups?
> Resources:
> http://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/java-dg-roles.html
> http://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html
> Example third-party protocols:
> https://github.com/tagbangers/jgroups-s3-client-ping
> https://github.com/mcacker/jgroups-native-s3-ping
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list