The AWS SDKs take care of getting the keys made available to the EC2 instance via IAM Roles. But if you are running something custom you can get the key info using a meta data call. See this doc page. http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#instance-metadata-security-credentials The keys are rotated so you need to do this using something like cron.
example: curl http://169.254.169.254/latest/meta-data/iam/security-credentials/your-IAM-Role-here You could for example run this every 5 minutes and update environment vars or check the expiration time and update 15 minutes before etc. The expiration time is included in the information that is returned in the iam/security-credentials/role-name category. -Mark
_______________________________________________ mapserver-users mailing list [email protected] http://lists.osgeo.org/mailman/listinfo/mapserver-users
