I have a flask application that needs to access some configuration files stored in s3 and I don't want to stored these in my git repo as there are sensitive information. I want to use boto3 to read in these files into the ec2 instance.
I need to know how I will be able to access those files on s3 using boto3. The ec2 instance is authorized to access the s3 bucket and since the application will be running on the ec2 (that is authorized) is it safe to say that any code run on that instance will also have these access. Note that I am going to run these script to read in these "config files" from my codedeploy "appspec.yml".
In summary will my codeploy instance be able to use the authorization on my ec2 instance to access the said s3 bucket or I need to give the codedeploy instance access too? I am aware I can add my access keys in my environment on my computer to run this script but how does it work on codedeploy?
AWS 공식업데이트됨 2년 전
Thought as much. I will test it out and let you know.
I was able to add the needed permissions as you advised.