在 EC2 上的 nodejs 部署中定义 AWS 凭证
[英]Define AWS credentials in nodejs deployment on EC2
问题描述
I need guidance regarding using AWS-SDK credentials in production nodejs app.
我需要有关在生产 nodejs 应用程序中使用 AWS-SDK 凭证的指导。
What is the possible way of doing this?这样做的可能方法是什么? I researched about it that always use shared credentials files for aws credentials using that link.我研究过它总是使用共享凭证文件作为使用该链接的 aws 凭证。 "https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/loading-node-credentials-shared.html" “https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/loading-node-credentials-shared.html”
So I'm confused about the way.所以我对这种方式感到困惑。 Do I need to create that file in that Linux path specified in that link in VM of EC2?我是否需要在 EC2 VM 中该链接中指定的 Linux 路径中创建该文件?
I made a new IAM role for S3 and allocate it to a specific EC2 instance but through code how can I be able to access S3 services.我为 S3 创建了一个新的 IAM 角色并将其分配给特定的 EC2 实例,但通过代码我如何才能访问 S3 服务。 I deployed my app and it's still giving me access denied error on accessing S3 service.我部署了我的应用程序,但它仍然在访问 S3 服务时出现拒绝访问错误。
Do I still need to include credentials file as discussed in like given above?我是否仍需要包含如上文所述的凭据文件? And Do I still need to initialize S3?我还需要初始化 S3 吗?
const s3 = new aws.S3({
accessKeyId,
secretKey,
bucketRegion,
});
Please guide me that how can I deploy nodejs app without affecting AWS services.请指导我如何在不影响 AWS 服务的情况下部署 nodejs 应用程序。
1 个解决方案
解决方案1
1 2022-02-07 11:08:12
Following the AWS Well Architected Framework the best solution would be to assign a role with your required permissions to the EC2 instance that you are going to use.遵循AWS Well Architected Framework ,最好的解决方案是为您将要使用的 EC2 实例分配具有所需权限的角色。
You should strive from adding credentials to the application directly as they are not needed in most of the cases.您应该尽量避免直接向应用程序添加凭据,因为在大多数情况下不需要它们。
Please take a look at IAM roles for Amazon EC2 as how does AWS guides to achieving that.请查看Amazon EC2 的 IAM 角色,了解 AWS 如何指导实现这一目标。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.