[
https://issues.apache.org/jira/browse/USERGRID-197?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14068602#comment-14068602
]
Alex Karasulu commented on USERGRID-197:
----------------------------------------
This issue may not be needed. Let me try to explain.
The maven plugin for chop can take the AWS creds you refer to. However as you
advise this should never be supplied as is because the pom.xml is stored in git
and is accessible to everyone so it is a security problem.
The way we have been doing this is by using property substitution via the per
user maven settings.xml file in ~/m2/settings.xml. I usually setup a profile
which is active by default to hold property values like credentials for AWS.
Here's an example of a relevant section of my personal maven settings.xml file:
{noformat}
<profile>
<id>judo-chop</id>
<properties>
<aws.s3.key>xxxxxxxxxxxxx</aws.s3.key>
<aws.s3.secret>xxxxxxxxxxxx</aws.s3.secret>
...
</properties>
</profile>
....
<activeProfiles>
<activeProfile>judo-chop</activeProfile>
</activeProfiles>
</settings>
{noformat}
Then you can use these properties in the pom.xml within the chop plugin's
configuration.
Hope this helps!
> [CHOP] Provide mechanism for providing AWS creds to cluster instances
> ---------------------------------------------------------------------
>
> Key: USERGRID-197
> URL: https://issues.apache.org/jira/browse/USERGRID-197
> Project: Usergrid
> Issue Type: Story
> Components: Chop
> Reporter: David Johnson
>
> In a cluster setup script, we need to be able to download things from S3 and
> so we need AWS credentials to be passed.
> We cannot specify them in the stack.json file because that file is to be kept
> in source code control.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
