Public | Automated Build

Last pushed: 2 years ago
Short Description
Short description is empty for this repo.
Full Description

s3urlsigner

API that redirects requests to a generated signed URL for accessing private objects in AWS S3.

The main use case that resulted in creating this was that I wanted drop-in replacement URLs to use with configuration management tools (Such as Chef), while keeping S3 hosted objects private. Amazon S3 is being used as an alternative to a traditional private software-server for binaries, etc.

Docker

To run with docker with environment variables containing AWS credentials:

$ docker run -d -e AWS_ACCESS_KEY -e AWS_SECRET_KEY -p 8080:8080 stevejmason/s3urlsigner

Or, if you are using an IAM role (w/ S3 read access) on an AWS EC2 instance, omit the environment variable flags:

$ docker run -d -p 8080:8080 stevejmason/s3urlsigner

Requirements

  • Ruby with Rails installed.
  • AWS credentials must be provided. Please follow usual AWS practices for providing these, such as:
    • EC2 Instance IAM role.
    • User credentials file, default profile. (~/.aws/credentials).
    • Environment variables.
  • If using IAM, the role must have the s3:GetObject on the bucket/object being requested.

Security

  • This service should not be publicly exposed.
  • Proper access control/SSL offloading should be used otherwise.
  • No responsibility is accepted for the usage of this program.

Building

From within the project directory:
bundle install

Running

From within the project directory:
bundle exec unicorn

Usage

For reading S3 objects.
http://\<hostname\>:8080/get/\<region\>?b=\<bucket-name\>&f=\<object-key\>

TODO

  • Helper form to generate URL with region/bucket/file key.

Changelog

0.0.2 - Stephen J. Mason

  • Docker support.

0.0.1 - Stephen J. Mason

  • Initial release.
Docker Pull Command
Owner
stevejmason
Source Repository

Comments (0)