CrossClj

5.1.4 docs

SourceDocs



RECENT

    sparkfund/aws-maven

    Clojars

    Sep 23, 2016


    OWNER
    Sparkfund
    Washington, DC
    www.sparkfund.com/

    Readme

    Index of all namespaces


    « Project + dependencies

    Maven wagon for S3

    The README below is fetched from the published project artifact. Some relative links may be broken.

    AWS Maven Wagon

    This project is a Maven Wagon for Amazon S3. In order to to publish artifacts to an S3 bucket, the user (as identified by their access key) must be listed as an owner on the bucket.

    Usage

    To publish Maven artifacts to S3 a build extension must be defined in a project’s pom.xml. The latest version of the wagon can be found on the aws-maven page in Maven Central.

    <project>
      ...
      <build>
        ...
        <extensions>
          ...
          <extension>
            <groupId>org.springframework.build</groupId>
            <artifactId>aws-maven</artifactId>
            <version>5.0.0.RELEASE</version>
          </extension>
          ...
        </extensions>
        ...
      </build>
      ...
    </project>
    

    Once the build extension is configured distribution management repositories can be defined in the pom.xml with an s3:// scheme.

    <project>
      ...
      <distributionManagement>
        <repository>
          <id>aws-release</id>
          <name>AWS Release Repository</name>
          <url>s3://<BUCKET>/release</url>
        </repository>
        <snapshotRepository>
          <id>aws-snapshot</id>
          <name>AWS Snapshot Repository</name>
          <url>s3://<BUCKET>/snapshot</url>
        </snapshotRepository>
      </distributionManagement>
      ...
    </project>
    

    Finally the ~/.m2/settings.xml must be updated to include access and secret keys for the account. The access key should be used to populate the username element, and the secret access key should be used to populate the password element.

    <settings>
      ...
      <servers>
        ...
        <server>
          <id>aws-release</id>
          <username>0123456789ABCDEFGHIJ</username>
          <password>0123456789abcdefghijklmnopqrstuvwxyzABCD</password>
        </server>
        <server>
          <id>aws-snapshot</id>
          <username>0123456789ABCDEFGHIJ</username>
          <password>0123456789abcdefghijklmnopqrstuvwxyzABCD</password>
        </server>
        ...
      </servers>
      ...
    </settings>
    

    Alternatively, the access and secret keys for the account can be provided using

    Making Artifacts Public

    This wagon doesn’t set an explict ACL for each artfact that is uploaded. Instead you should create an AWS Bucket Policy to set permissions on objects. A bucket policy can be set in the AWS Console and can be generated using the AWS Policy Generator.

    In order to make the contents of a bucket public you need to add statements with the following details to your policy:

    Effect Principal Action Amazon Resource Name (ARN)
    Allow * ListBucket arn:aws:s3:::<BUCKET>
    Allow * GetObject arn:aws:s3:::<BUCKET>/*

    If your policy is setup properly it should look something like:

    {
      "Id": "Policy1397027253868",
      "Statement": [
        {
          "Sid": "Stmt1397027243665",
          "Action": [
            "s3:ListBucket"
          ],
          "Effect": "Allow",
          "Resource": "arn:aws:s3:::<BUCKET>",
          "Principal": {
            "AWS": [
              "*"
            ]
          }
        },
        {
          "Sid": "Stmt1397027177153",
          "Action": [
            "s3:GetObject"
          ],
          "Effect": "Allow",
          "Resource": "arn:aws:s3:::<BUCKET>/*",
          "Principal": {
            "AWS": [
              "*"
            ]
          }
        }
      ]
    }
    

    If you prefer to use the command line, you can use the following script to make the contents of a bucket public:

    BUCKET=<BUCKET>
    TIMESTAMP=$(date +%Y%m%d%H%M)
    POLICY=$(cat<<EOF
    {
      "Id": "public-read-policy-$TIMESTAMP",
      "Statement": [
        {
          "Sid": "list-bucket-$TIMESTAMP",
          "Action": [
            "s3:ListBucket"
          ],
          "Effect": "Allow",
          "Resource": "arn:aws:s3:::$BUCKET",
          "Principal": {
            "AWS": [
              "*"
            ]
          }
        },
        {
          "Sid": "get-object-$TIMESTAMP",
          "Action": [
            "s3:GetObject"
          ],
          "Effect": "Allow",
          "Resource": "arn:aws:s3:::$BUCKET/*",
          "Principal": {
            "AWS": [
              "*"
            ]
          }
        }
      ]
    }
    EOF
    )
    
    aws s3api put-bucket-policy --bucket $BUCKET --policy "$POLICY"