2 réponses
- Le plus récent
- Le plus de votes
- La plupart des commentaires
1
Just create the client as you would anywhere, The SDK will figure out that it's "in" an ECS task and get the credentials from its metadata.
Depending on what you're doing, the metadata endpoint might be enough so you might not need this at all 😊 https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-metadata-endpoint.html
Good luck!
répondu il y a 2 ans
1
you don't need to pass any credential to your spring application (even it is dangerous). Your application run on ECS so, your application can use the task execution role, the task role grants additional AWS permissions required by your application once the container is started. So you can on task Role attach the ECS permission.
Example using Terraform as IAC
resource "aws_iam_policy" "example-policy" {
name = "example"
policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
Action = [
"application-autoscaling:DescribeScalableTargets",
"ecs:ListServices",
"ecs:UpdateService",
"ecs:ListTasks",
"ecs:DescribeServices",
"ecs:DescribeTasks",
"ecs:DescribeClusters",
"ecs:ListClusters",
]
Effect = "Allow"
Resource = "*"
}
]
})
}
répondu il y a 2 ans
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 4 mois
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 2 ans