This is an archive of the discontinued Mercurial Phabricator instance.

Differential D6982

automation: improve documentation for credentials management
ClosedPublic

Authored by indygreg on Oct 5 2019, 12:03 PM.

Details

Reviewers
None
Group Reviewers
hg-reviewers
Commits
rHGf71b3c561b93: automation: improve documentation for credentials management
Summary

Diff Detail

Lint
Lint Skipped
Unit
Unit Tests Skipped

Event Timeline

indygreg added a commit: rHGf71b3c561b93: automation: improve documentation for credentials management.Oct 5 2019, 2:29 PM
This revision was not accepted when it landed; it landed in state Needs Review.
Closed by commit rHGf71b3c561b93: automation: improve documentation for credentials management (authored by indygreg). · Explain Why
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathPackages
Mcontrib/automation/README.rst (23 lines)

Diff 16837

contrib/automation/README.rst

This obviously requires an AWS account and credentials to work. This obviously requires an AWS account and credentials to work.
We use the ``boto3`` library for interacting with AWS APIs. We do not employ We use the ``boto3`` library for interacting with AWS APIs. We do not employ
any special functionality for telling ``boto3`` where to find AWS credentials. See any special functionality for telling ``boto3`` where to find AWS credentials. See
https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html
for how ``boto3`` works. Once you have configured your environment such for how ``boto3`` works. Once you have configured your environment such
that ``boto3`` can find credentials, interaction with AWS should *just work*. that ``boto3`` can find credentials, interaction with AWS should *just work*.
.. hint:: To configure ``boto3``, you can use the ``aws configure`` command to
write out configuration files. (The ``aws`` command is typically provided
Typically you have a ``~/.aws/credentials`` file containing AWS by an ``awscli`` package available in your package manager, including
credentials. If you manage multiple credentials, you can override which ``pip``.) Alternatively, you can write out files in ``~/.aws/`` directly.
*profile* to use at run-time by setting the ``AWS_PROFILE`` environment e.g.::
variable.
# ~/.aws/config
[default]
region = us-west-2
# ~/.aws/credentials
[default]
aws_access_key_id = XXXX
aws_secret_access_key = YYYY
If you have multiple AWS accounts, you can name the profile something
different from ``default``. e.g. ``hg``. You can influence which profile
is used by ``boto3`` by setting the ``AWS_PROFILE`` environment variable.
e.g. ``AWS_PROFILE=hg``.
Resource Management Resource Management
------------------- -------------------
Depending on the task being performed, various AWS services will be accessed. Depending on the task being performed, various AWS services will be accessed.
This of course requires AWS credentials with permissions to access these This of course requires AWS credentials with permissions to access these
services. services.