Amazon S3 Credentials file for production?

I am trying to implement the "recommended" method of storing credentials in my application for connecting to Amazon S3, which seems to be use a credential file having read this:

http://docs.aws.amazon.com/AWSSdkDocsNET/V3/DeveloperGuide/net-dg-config-creds.html

where it states:

Don't put literal access keys in your application, including the project's App.config or Web.config file.Doing so creates a risk of accidentally exposing your credentials if, for example, you upload the project to a public repository.

this is fine, but all the example have c:/path/to/my/file

so how to i make this path relative to my application, and not literal?

i have this, and it no worky:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <configSections>
    <section name="aws" type="Amazon.AWSSection, AWSSDK.Core"/>
  </configSections>
  <aws
    profileName="Profile1"
    profilesLocation="~/Credentials.json">
  </aws>
...
</configuration>

is this approach NOT the correct way for a released application, and only suitable for development?

thanks!

Answers


You NEED TO KNOW know how AWS handle access.

First, the admin of the AWS resource will create Access Roles that will also generate a credential pair. It is call "access_key_id" and "secret_access_key".

Because Admin that new to AWS may assign many AWS apps to use the same roles and access key, that's why AWS document warn you NOT TO STORE IT inside your apps. So they recommend you to put the keyid and access key into a file, put it under a secure directory with restricted apps user/admin/apps group access. (in unix term, it means chmod 600)

Now back to your question. If your apps is running inside Windows instance and using .Net , unless you enable some sort of directory mapping(check .NET api), otherwise, you need to use windows path format.

If your apps are NOT using .Net, but something else like Java, node.js etc, (https://aws.amazon.com/tools/) , go get the correct API that will "talk AWS".


Need Your Help

Dynamically added form fields posting through php function as "array" instead of the values

php arrays forms

I have a form that allows the user to add more form fields if needed. I need to post the values through php in an email, but it keeps coming back as "array" instead of the values. I am a novice and...

What is happening when SimpleXML parses XML with special characters?

php simplexml special-characters

I am trying to solve this problem I am having with my final output.