diff options
author | wn_ <[email protected]> | 2022-12-03 13:27:25 +0000 |
---|---|---|
committer | wn_ <[email protected]> | 2022-12-03 13:41:24 +0000 |
commit | 579cf771e59347a5892f5bfbcb23eedd0d34b529 (patch) | |
tree | 6ac3534c79a939e1e365d9f5acd94e2b3ac046f5 | |
parent | 64b4b9a3d4aba85e86fc32dbc2319bba04499074 (diff) |
Use the AWS PHP SDK's default credential provider chain.
This allows for use of any supported approach, in particular AWS IAM instance profiles, to provide credentials.
If used, access and secret key environment variables will need to be changed to the expected names (i.e. 'TTRSS_CACHE_S3_ACCESS_KEY' to 'AWS_ACCESS_KEY_ID' and 'CACHE_S3_SECRET_KEY' to 'AWS_SECRET_ACCESS_KEY').
-rw-r--r-- | README.md | 13 | ||||
-rw-r--r-- | init.php | 8 |
2 files changed, 10 insertions, 11 deletions
@@ -1,6 +1,6 @@ # Cache S3 -File cache backend using S3 protocol (e.g. Minio) +File cache backend using S3 protocol (e.g. Minio, AWS S3). ## Installation @@ -14,6 +14,13 @@ The following options are required: TTRSS_CACHE_S3_ENDPOINT=http://example.com:9000 TTRSS_CACHE_S3_BUCKET=bucket-name TTRSS_CACHE_S3_REGION=us-east-1 -TTRSS_CACHE_S3_ACCESS_KEY=xxx -TTRSS_CACHE_S3_SECRET_KEY=yyy +``` + +The following options are required if you're directly providing access keys (i.e. not using an IAM role or alternative approach). +See [Credentials for the AWS SDK for PHP Version 3](https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials.html) for more information. + +```ini +# Intentionally without the 'TTRSS_' prefix. +AWS_ACCESS_KEY_ID=xxx +AWS_SECRET_ACCESS_KEY=yyy ``` @@ -13,8 +13,6 @@ class Cache_S3 extends Plugin implements Cache_Adapter { const CACHE_S3_ENDPOINT = "CACHE_S3_ENDPOINT"; const CACHE_S3_BUCKET = "CACHE_S3_BUCKET"; const CACHE_S3_REGION = "CACHE_S3_REGION"; - const CACHE_S3_ACCESS_KEY = "CACHE_S3_ACCESS_KEY"; - const CACHE_S3_SECRET_KEY = "CACHE_S3_SECRET_KEY"; public function remove(string $filename): bool { return unlink($this->get_full_path($filename)); @@ -31,8 +29,6 @@ class Cache_S3 extends Plugin implements Cache_Adapter { Config::add(self::CACHE_S3_ENDPOINT, "", Config::T_STRING); Config::add(self::CACHE_S3_BUCKET, "", Config::T_STRING); Config::add(self::CACHE_S3_REGION, "", Config::T_STRING); - Config::add(self::CACHE_S3_ACCESS_KEY, "", Config::T_STRING); - Config::add(self::CACHE_S3_SECRET_KEY, "", Config::T_STRING); /** @phpstan-ignore-next-line */ $this->s3 = new Aws\S3\S3Client([ @@ -40,10 +36,6 @@ class Cache_S3 extends Plugin implements Cache_Adapter { 'region' => Config::get(self::CACHE_S3_REGION), 'endpoint' => Config::get(self::CACHE_S3_ENDPOINT), 'use_path_style_endpoint' => true, - 'credentials' => [ - 'key' => Config::get(self::CACHE_S3_ACCESS_KEY), - 'secret' => Config::get(self::CACHE_S3_SECRET_KEY) - ], ]); /** @phpstan-ignore-next-line */ |