beno
Role based access for ExAWS
I am trying to get AWS authentication (for S3) working for a company AWS environment that relies heavily on IAM roles. This has to be one of the least transparent/most confusing things I have encountered for a long while, and I can’t find a fully configured working example.
Questions:
- Am I correct in thinking the AccessDenied I currently get with standard KEY/SECRET is due to the different role I have when creating S3 buckets?
- How do I retrieve my
role_arnand how does this fit in to the ex_aws config? - What is my
profile_nameand where does this come from? - Is there a working example somewhere I can take a look at?
Hopefully someone has this working
Most Liked
benwilson512
I’m sorry to hear that you’re having trouble. ExAws is completely compatible with and thus to some extent assumes a familiarity with the general AWS authorization mechanics. As a general rule, if you can get the configuration working with the aws cli it will also work fine with ExAws.
Concretely, in order to have key based authentication you need an AWS user. This is not the same thing as a role. However you can have a user assume a role when taking on actions provided that the role has a trust association with the user that allows the user to assume the role:
[default]
output = json
region = us-east-1
role_arn = arn:aws:iam::1234567890:role/YourRoleHere
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #javascript
- #code-sync
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance








