Développer ma barre des réalisations de la Communauté.

Submissions are now open for the 2026 Adobe Experience Maker Awards
Apply Now

Mark Solution

Cette conversation a été verrouillée en raison de son inactivité. Veuillez créer une nouvelle publication.

RÉSOLU

Can Amazon S3 external account use Ec2 instance profile and role?

Avatar

Level 2
Level 2
30/03/2022 5:46:23 AM

I only saw the mentioning of using access key method to authenticate to AWS in Adobe's documentation about AWS s3 external account: https://experienceleague.adobe.com/docs/campaign-standard/using/administrating/application-settings/...

 

If a workflow server runs on an AWS EC2 instance, a much easier approach to manage AWS resource access is to use EC2 isntance profile and its associated role. i.e. I'm allowed to access certain S3 resource because I am making the API call from this particular server. 

 

I wonder if AC V7/V8 support that approach? it would be nice to avoid managing those access key and secret.

 

Regards,

Shaohong

Vues

600

Réponses

1
Connectez-vous pour indiquer que vous aimez ce contenu

Nombre de J’aime

Traduire
Traduire
1 solution acceptée

Avatar

Réponse correcte par
Community Advisor
Community Advisor
02/04/2022 11:42:58 PM

Hello @shaohong 

 

Even if you have assigned the permission to both S3 and EC2 instance to the same profile in IAM. The application hosted on EC2 won't even know if these permissions actually exists because all this is happening in different layers.

 

To create a bridge between two different layers we need the access keys. So it is not possible to do it without access keys

 

 


     Manoj
     Find me on LinkedIn

Voir la solution dans l'envoi d'origine

Vues

573

Réponses

0
Connectez-vous pour indiquer que vous aimez ce contenu

Nombre de J’aime

Traduire
Traduire
Intervenir
1 Reply

Avatar

Réponse correcte par
Community Advisor
Community Advisor
02/04/2022 11:42:58 PM

Hello @shaohong 

 

Even if you have assigned the permission to both S3 and EC2 instance to the same profile in IAM. The application hosted on EC2 won't even know if these permissions actually exists because all this is happening in different layers.

 

To create a bridge between two different layers we need the access keys. So it is not possible to do it without access keys

 

 


     Manoj
     Find me on LinkedIn

Vues

574

Réponses

0
Connectez-vous pour indiquer que vous aimez ce contenu

Nombre de J’aime

Traduire
Traduire
Intervenir
Conversations associées
How to differentiate NULL and empty string for AC table? Solved

Vues

527

Likes

0

Réponses

3
Target audience based on different ages groups and other criteria

Vues

120

Likes

0

Réponses

1
Adobe Campaign Classic v7 - Built-in MTA vs External Postfix for Production

Vues

1.9K

Likes

0

Réponses

0
How can I limit the send out per newsletter per customer?

Vues

2.8K

Likes

0

Réponses

2
How does the 'Billing' Technical Workflow Calculate Active Profiles?

Vues

379

Likes

0

Réponses

3