Dealing with Amazon Web Service Access Keys

-
Amazon Web Services ( AWS ) access keys are required to make API calls for the range of AWS services. These keys can be troublesome, as the tendency is to hard code the values in your software ( which many internet examples do ) or to use configuration files which hold them in plain text.

In many ways this is bad. The secret key once displayed to you ( as the user ) is never returned again, hence its importance can not be understated.

However there is a way around this problem and its associated with AWS Identity Access Management ( IAM ) roles and AWS EC2 Instances.


In the digram above an application hosted on an EC2 instance requires access to S3 Objects. If you use the AWS Java SDK you can create a S3 Client Object which has a constructor which receives the private and access keys.

AmazonS3Client s3Client = new AmazonS3Client(AWSCredentials creds);

The constructor for this client receives a AWSCredentials object which is built using the secret and access key.

However a S3 Client constructor does exist which takes no parameters. This is the one that you use in an application as shown in the diagram above.

Because the IAM Get S3 Role has been associated with the EC2 instance, you do not need to pass in the secret and access keys to the S3 Client object.

The application is given access to the S3 objects because the EC2 instance that it is executing on has those privileges.







Comments

Post a Comment

Popular posts from this blog

Vaadin - GRID Component

-
Image
Introduction Vaadin 7.4 was recently released and it includes a new component called the GRID . It represents a 'Spreadsheet" type model from a UI perspective, however I think it lacks a lot of features you would expect from this type of component. Maybe this component will evolve over time and it will begin to have the functions that you expect from a spreadsheet. ( note: there is a commercial add on called the Spreadsheet from Vaadin ) Use Case The use case I am demonstrating below is a simple grid showing projected sales of Widgets over a five year period. Creation Creating a Grid is very simple and you have numerous options for sizing on the page. In the example below I setting it across the page. The Grid rows can be selected for editing, you can select single or multiple rows in a single action. myGrid = new Grid(); myGrid.setSizeFull(); myGrid.setSelectionMode(SelectionMode.SINGLE); Container Backing Similar to many other Vaadin componen
Read more

Connecting a Vaadin SQL Container to a Combo Box

-
It must be me. But I spent a lot of time trying to figure out how to connect a database table implemented as a Vaadin SQL Container to a Vaadin Combo Box. It seems such a simple concept. Anyway, here was my requirement. I needed a combo box to contain a list of Australia suburbs. The user would select a suburb which would filter the results in a table on the screen. My database table was very simple. A id field ( which was the primary key ) and a name field which contained the suburb name. The code for the SQL Container was simple. TableQuery q = new TableQuery("suburb", connectionPool); suburbContainer = new SQLContainer(q); Now code to establish the combo box and links to the SQL Container.   ComboBox suburbCB = new ComboBox();  suburbCB.addItem("");  suburbCB.setCaption("Filter by Suburb");  suburbCB.setContainerDataSource(app.getDatabase().loadSuburbs());  suburbCB.setItemCaptionPropertyId("name");  suburbCB.setItemC
Read more

Web Cam and Vaadin

-
A very interesting Web Cam Add On is available from the Vaadin Add On site . Here is a simple recipe for making it work. Create a split panel and add the Web Cam to the left hand side of the panel. splitPanel = new HorizontalSplitPanel(); splitPanel.setSizeFull(); VerticalLayout detailsLayout = new VerticalLayout(); detailsLayout.setSpacing(true); detailsLayout.setSizeFull(); // Create the webcam and assign a receiver. final Webcam webcam = new Webcam(); webcam.setWidth("600px"); detailsLayout.addComponent(webcam); detailsLayout.setComponentAlignment(webcam, Alignment.TOP_LEFT); Create a receiver which creates a temporary file with a jpeg extension. webcam.setReceiver(new Upload.Receiver() { @Override public OutputStream receiveUpload(String filename, String mimeType) { try { targetFile = File.createTemp
Read more