Comments (9)
Glad you're finding it useful.
Before I answer, a question: is the number of distinct AWS credentials known at compile time, or can that change dynamically?
from ex_aws.
The number of distinct credentials will be dynamic as will their values; they're managed by a separate service.
from ex_aws.
Crap. The good news is, I could add this soon, the bad news is: one motivator behind ExAws was precisely NOT needing to pass in config with every request, so there are a few roadblocks. The biggest issue is stuff like https://github.com/CargoSense/ex_aws/blob/master/lib/ex_aws/dynamo/impl.ex#L84 where the client's request function is called in order to allow some custom request logic.
When you first asked my thought was that you could create N clients with different credentials and then pick the right one at runtime, but that would require N to be known at compile time.
I believe I could solve this by instead of passing in the client module name passing in a map of
%{client: __MODULE__, config: config}
That way you could do
Dynamo.Impl.describe_table(%{module: ExAws.Dynamo, config: my_custom_config}, "TableName")
It could call request on the specified module (in this case the default Dynamo client).
Let me keep thinking, but you may be stuck for the moment. This is definitely something I didn't think about in my fervor to avoid needing to do this.
from ex_aws.
Technically there are some rather ghetto ways in which you could get around this that I don't recommend. Because you can override how a client gets its config, you could store the desired config in the process dictionary and then use a client with the following code:
defmodule My.Dynamo do
use ExAws.Dynamo.Client
def config_root do
Process.get(:ex_aws_config)
end
end
The flow would be
config = determine_config
Process.put(:ex_aws_config, config)
My.Dynamo.list_tables
Process.delete(:ex_aws_config) # just to be safe
If you're SURE that the requests are happening in different processes that could work. Don't exactly recommend it though.
from ex_aws.
Thanks for your thorough response. I am sure they're in separate processes and had actually looked in to that proposed "hack" but I'm nervous because I don't know how secure or safe a process is.
I was able to get around this by swapping ExAws
for erlcloud
but that introduced other hiccups for me so I had hoped to come back to ExAws. When I saw the conversation in IRC I thought it might be worth speaking up.
Thanks again!
from ex_aws.
Well if it makes you feel any better, the Application.get_env stuff is all stored in processes at the end of the day. Not sure what you mean by secure or safe precisely. It's as safe as anything else in memory from attackers if that's your concern.
from ex_aws.
Not concerned with attackers, more to do with whether a process could inadvertently access the values of another.
from ex_aws.
Reopening until there's a few tweaks in place in master.
from ex_aws.
Ok this is done. Usage:
Test.ClientData.Dynamo.new(secret_access_key: "foo")
|> ExAws.Dynamo.Impl.list_tables
Note that the parameters passed to new are just the configuration keys you're interested in, there isn't a root level [config: [stuff]]
anymore.
from ex_aws.
Related Issues (20)
- Unhandled error case from do_request
- CaseClauseError: no case clause matching: {:error, "timeout"} in ExAws.Request.request_and_retry/7 HOT 1
- Configure SSL/TLS Options
- Default region is more harmful than helpful
- Make types in `ExAws.Request` public
- Return type mismatch for request!
- Support for assuming role via Web Identity Tokens HOT 1
- S3 objects with `?` in key cannot be queried HOT 1
- AccesDenied - ExAws Request Error! HOT 2
- process attempted to call itself HOT 4
- FSx endpoints HOT 1
- With sso-session config "Required key: :secret_access_key must be a string, but instead is..." HOT 6
- S3 object upload request failing for different regions HOT 6
- 2.4.3 release? HOT 1
- httpotion retired HOT 3
- Add support for the af-south-1 for KMS. HOT 1
- High memory usage HOT 4
- Missing S3 support for eu-central-2 HOT 1
- Semver concerns HOT 3
- The authorization header is malformed; a non-empty Access Key (AKID) must be provided in the credential. HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ex_aws.