使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

Credentials Changing

0

How do I stop credentials from changing every couple of hours?

Working on pushing docker images to an EC2 instance to train up machine learning algorithms and I need to access data on s3 during the training. My current credentials change every couple of hours and that makes it difficult to persist information within the docker containers.

  • Mickael-AWS
    2 年前

    Hello, without sharing credentials details, could you please provide more information on your authentication process ? Are you using AWS CLI ? or SDK ? or something else ? Thanks.

主題
運算DevOps
標籤
Linux 佈建AWS Batch運算DevOps
語言
English
rePost-User-4773274
已提問 2 年前檢視次數 273 次
1 個回答
0

Hi, you don't say if your using your, host, EC2 role credentials in the docker container or have another process?

Depending on your docker base image and the libraries it supports you could:-

  • Use the AWS SDK in your code, something like boto3 (python) can automatically manage the refresh of the credentials
  • a background thread, goroutine etc. in your app code could periodically query the metadata service url @http://169.254.169.254/latest/meta-data/iam/security-credentials/yourole and update credential used in your S3 call
  • Generate static credentials (IAM user) with limited access and inject the Secret/Access keys into your container in environment variables, these wont change but can also be used outside of your VPC so need to be least privilege and should be rotated frequently to limit security issues.

hope this helps

AWS
Malcolm_O
已回答 2 年前
profile pictureAWS
專家
kentrad
已審閱 2 年前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容