|
4 | 4 |
|
5 | 5 | To use the package, you will need an AWS account and to enter your credentials into R. Your keypair can be generated on the [IAM Management Console](https://aws.amazon.com/) under the heading *Access Keys*. Note that you only have access to your secret key once. After it is generated, you need to save it in a secure location. New keypairs can be generated at any time if yours has been lost, stolen, or forgotten. The [**aws.iam** package](https://github.com/cloudyr/aws.iam) profiles tools for working with IAM, including creating roles, users, groups, and credentials programmatically; it is not needed to *use* IAM credentials. |
6 | 6 |
|
7 | | -By default, all **cloudyr** packages for AWS services allow the use of credentials specified in a number of ways, beginning with: |
8 | | - |
9 | | - 1. User-supplied values passed directly to functions. |
10 | | - 2. Environment variables, which can alternatively be set on the command line prior to starting R or via an `Renviron.site` or `.Renviron` file, which are used to set environment variables in R during startup (see `? Startup`). Or they can be set within R: |
11 | | - |
12 | | - ```R |
13 | | - Sys.setenv("AWS_ACCESS_KEY_ID" = "mykey", |
14 | | - "AWS_SECRET_ACCESS_KEY" = "mysecretkey", |
15 | | - "AWS_DEFAULT_REGION" = "us-east-1", |
16 | | - "AWS_SESSION_TOKEN" = "mytoken") |
17 | | - ``` |
18 | | - 3. If R is running an EC2 instance, the role profile credentials provided by [**aws.ec2metadata**](https://cran.r-project.org/package=aws.ec2metadata). |
19 | | - 4. Profiles saved in a `/.aws/credentials` "dot file" in the current working directory. The `"default" profile is assumed if none is specified. |
20 | | - 5. [A centralized `~/.aws/credentials` file](https://blogs.aws.amazon.com/security/post/Tx3D6U6WSFGOK2H/A-New-and-Standardized-Way-to-Manage-Credentials-in-the-AWS-SDKs), containing credentials for multiple accounts. The `"default" profile is assumed if none is specified. |
21 | | - |
22 | | -Profiles stored locally or in a centralized location (e.g., `~/.aws/credentials`) can also be invoked via: |
| 7 | +A detailed description of how credentials can be specified is provided at: https://github.com/cloudyr/aws.signature/. The easiest way is to simply set environmetn variables on the command line prior to starting R or via an `Renviron.site` or `.Renviron` file, which are used to set environment variables in R during startup (see `? Startup`). Or they can be set within R: |
23 | 8 |
|
24 | 9 | ```R |
25 | | -# use your 'default' account credentials |
26 | | -aws.signature::use_credentials() |
27 | | - |
28 | | -# use an alternative credentials profile |
29 | | -aws.signature::use_credentials(profile = "bob") |
| 10 | +Sys.setenv("AWS_ACCESS_KEY_ID" = "mykey", |
| 11 | + "AWS_SECRET_ACCESS_KEY" = "mysecretkey", |
| 12 | + "AWS_DEFAULT_REGION" = "us-east-1", |
| 13 | + "AWS_SESSION_TOKEN" = "mytoken") |
30 | 14 | ``` |
31 | 15 |
|
32 | | -Temporary session tokens are stored in environment variable `AWS_SESSION_TOKEN` (and will be stored there by the `use_credentials()` function). The [aws.iam package](https://github.com/cloudyr/aws.iam/) provides an R interface to IAM roles and the generation of temporary session tokens via the security token service (STS). |
33 | | - |
34 | 16 | To use the package with S3-compatible storage provided by other cloud platforms, set the `AWS_S3_ENDPOINT` environment variable to the appropriate host name. By default, the package uses the AWS endpoint: `s3.amazonaws.com` |
35 | 17 |
|
36 | 18 |
|
|
0 commit comments