Amazon ec2 无法在AWS EB中将私钥作为环境变量传递
我一直在尝试将私钥添加到eb环境变量配置中,并尝试删除换行符,将(“”)更改为(“”),但eb不会接受这两种情况,并导致环境健康状况下降 我参考了平台上提出的其他问题,但大多数问题都使用了导出功能,或者能够将密钥保存为环境变量,但无法在代码中检索它() 我在下面添加了来自eb的最后100行日志作为参考Amazon ec2 无法在AWS EB中将私钥作为环境变量传递,amazon-ec2,amazon-elastic-beanstalk,Amazon Ec2,Amazon Elastic Beanstalk,我一直在尝试将私钥添加到eb环境变量配置中,并尝试删除换行符,将(“”)更改为(“”),但eb不会接受这两种情况,并导致环境健康状况下降 我参考了平台上提出的其他问题,但大多数问题都使用了导出功能,或者能够将密钥保存为环境变量,但无法在代码中检索它() 我在下面添加了来自eb的最后100行日志作为参考 ------------------------------------- /var/log/nodejs/nodejs.log ---------------------------------
-------------------------------------
/var/log/nodejs/nodejs.log
-------------------------------------
> webrtc-chatter@0.0.1 start /var/app/current
> node index.js
-------------------------------------
/var/log/nodejs/npm-debug.log
-------------------------------------
UTC 2018/12/28 09:55:31 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
UTC 2018/12/28 13:22:14 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
UTC 2018/12/31 10:03:31 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
UTC 2018/12/31 13:10:09 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
UTC 2018/12/31 13:19:10 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
UTC 2018/12/31 13:21:04 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
UTC 2018/12/31 13:34:08 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
UTC 2018/12/31 13:41:11 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
UTC 2018/12/31 14:02:34 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
UTC 2018/12/31 19:09:33 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
-------------------------------------
/var/log/eb-activity.log
-------------------------------------
node-pre-gyp ERR! node-pre-gyp -v v0.12.0
node-pre-gyp ERR! not ok
Failed to execute '/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js configure --fallback-to-build --library=static_library --module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node --module_name=grpc_node --module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc --napi_version=3 --node_abi_napi=napi --napi_build_version=0 --node_napi_label=node-v64' (1)
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! grpc@1.16.1 install: `node-pre-gyp install --fallback-to-build --library=static_library`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the grpc@1.16.1 install script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /tmp/.npm/_logs/2018-12-31T19_09_33_684Z-debug.log
Not using a reverse proxy
Running npm install: /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm
Setting npm config jobs to 1
npm config jobs set to 1
Running npm with --production flag
Failed to run npm install. Snapshot logs for more details.
UTC 2018/12/31 19:09:33 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
Traceback (most recent call last):
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 695, in <module>
main()
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 677, in main
node_version_manager.run_npm_install(options.app_path)
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 136, in run_npm_install
self.npm_install(bin_path, self.config_manager.get_container_config('app_staging_dir'))
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 180, in npm_install
raise e
subprocess.CalledProcessError: Command '['/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm', '--production', 'install']' returned non-zero exit status 1 (ElasticBeanstalk::ExternalInvocationError)
caused by: + /opt/elasticbeanstalk/containerfiles/ebnode.py --action npm-install
> grpc@1.16.1 install /tmp/deployment/application/node_modules/grpc
> node-pre-gyp install --fallback-to-build --library=static_library
node-pre-gyp WARN Using request for node-pre-gyp https download
node-pre-gyp WARN Pre-built binaries not installable for grpc@1.16.1 and node@10.13.0 (node-v64 ABI, glibc) (falling back to source compile with node-gyp)
node-pre-gyp WARN Hit error EACCES: permission denied, mkdir '/tmp/deployment/application/node_modules/grpc/src/node'
gyp ERR! configure error
gyp ERR! stack Error: EACCES: permission denied, mkdir '/tmp/deployment/application/node_modules/grpc/build'
gyp ERR! System Linux 4.14.77-69.57.amzn1.x86_64
gyp ERR! command "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node" "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "configure" "--fallback-to-build" "--library=static_library" "--module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node" "--module_name=grpc_node" "--module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc" "--napi_version=3" "--node_abi_napi=napi" "--napi_build_version=0" "--node_napi_label=node-v64"
gyp ERR! cwd /tmp/deployment/application/node_modules/grpc
gyp ERR! node -v v10.13.0
gyp ERR! node-gyp -v v3.8.0
gyp ERR! not ok
node-pre-gyp ERR! build error
node-pre-gyp ERR! stack Error: Failed to execute '/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js configure --fallback-to-build --library=static_library --module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node --module_name=grpc_node --module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc --napi_version=3 --node_abi_napi=napi --napi_build_version=0 --node_napi_label=node-v64' (1)
node-pre-gyp ERR! stack at ChildProcess.<anonymous> (/tmp/deployment/application/node_modules/grpc/node_modules/node-pre-gyp/lib/util/compile.js:83:29)
node-pre-gyp ERR! stack at ChildProcess.emit (events.js:182:13)
node-pre-gyp ERR! stack at maybeClose (internal/child_process.js:962:16)
node-pre-gyp ERR! stack at Process.ChildProcess._handle.onexit (internal/child_process.js:251:5)
node-pre-gyp ERR! System Linux 4.14.77-69.57.amzn1.x86_64
node-pre-gyp ERR! command "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node" "/tmp/deployment/application/node_modules/grpc/node_modules/.bin/node-pre-gyp" "install" "--fallback-to-build" "--library=static_library"
node-pre-gyp ERR! cwd /tmp/deployment/application/node_modules/grpc
node-pre-gyp ERR! node -v v10.13.0
node-pre-gyp ERR! node-pre-gyp -v v0.12.0
node-pre-gyp ERR! not ok
Failed to execute '/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js configure --fallback-to-build --library=static_library --module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node --module_name=grpc_node --module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc --napi_version=3 --node_abi_napi=napi --napi_build_version=0 --node_napi_label=node-v64' (1)
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! grpc@1.16.1 install: `node-pre-gyp install --fallback-to-build --library=static_library`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the grpc@1.16.1 install script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /tmp/.npm/_logs/2018-12-31T19_09_33_684Z-debug.log
Not using a reverse proxy
Running npm install: /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm
Setting npm config jobs to 1
npm config jobs set to 1
Running npm with --production flag
Failed to run npm install. Snapshot logs for more details.
UTC 2018/12/31 19:09:33 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
Traceback (most recent call last):
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 695, in <module>
main()
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 677, in main
node_version_manager.run_npm_install(options.app_path)
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 136, in run_npm_install
self.npm_install(bin_path, self.config_manager.get_container_config('app_staging_dir'))
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 180, in npm_install
raise e
subprocess.CalledProcessError: Command '['/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm', '--production', 'install']' returned non-zero exit status 1 (Executor::NonZeroExitStatus)
[2018-12-31T19:09:33.710Z] INFO [18640] - [Configuration update travis-5b0a4d4df0abae1daa0ab1e5fa92b27a5e51021a-1544498766@21/ConfigDeployStage0/ConfigDeployPreHook/50npm.sh] : Activity failed.
[2018-12-31T19:09:33.710Z] INFO [18640] - [Configuration update travis-5b0a4d4df0abae1daa0ab1e5fa92b27a5e51021a-1544498766@21/ConfigDeployStage0/ConfigDeployPreHook] : Activity failed.
[2018-12-31T19:09:33.710Z] INFO [18640] - [Configuration update travis-5b0a4d4df0abae1daa0ab1e5fa92b27a5e51021a-1544498766@21/ConfigDeployStage0] : Activity failed.
[2018-12-31T19:09:33.710Z] INFO [18640] - [Configuration update travis-5b0a4d4df0abae1daa0ab1e5fa92b27a5e51021a-1544498766@21] : Completed activity. Result:
Configuration update - Command CMD-ConfigDeploy failed
[2018-12-31T19:19:07.258Z] INFO [19138] - [CMD-TailLogs] : Starting activity...
[2018-12-31T19:19:07.259Z] INFO [19138] - [CMD-TailLogs/AddonsBefore] : Starting activity...
[2018-12-31T19:19:07.259Z] INFO [19138] - [CMD-TailLogs/AddonsBefore] : Completed activity.
[2018-12-31T19:19:07.259Z] INFO [19138] - [CMD-TailLogs/TailLogs] : Starting activity...
[2018-12-31T19:19:07.259Z] INFO [19138] - [CMD-TailLogs/TailLogs/TailLogs] : Starting activity...
-------------------------------------
/var/log/eb-commandprocessor.log
-------------------------------------
UTC 2018/12/31 19:09:33 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
Traceback (most recent call last):
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 695, in <module>
main()
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 677, in main
node_version_manager.run_npm_install(options.app_path)
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 136, in run_npm_install
self.npm_install(bin_path, self.config_manager.get_container_config('app_staging_dir'))
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 180, in npm_install
raise e
subprocess.CalledProcessError: Command '['/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm', '--production', 'install']' returned non-zero exit status 1 (ElasticBeanstalk::ExternalInvocationError)
caused by: + /opt/elasticbeanstalk/containerfiles/ebnode.py --action npm-install
> grpc@1.16.1 install /tmp/deployment/application/node_modules/grpc
> node-pre-gyp install --fallback-to-build --library=static_library
node-pre-gyp WARN Using request for node-pre-gyp https download
node-pre-gyp WARN Pre-built binaries not installable for grpc@1.16.1 and node@10.13.0 (node-v64 ABI, glibc) (falling back to source compile with node-gyp)
node-pre-gyp WARN Hit error EACCES: permission denied, mkdir '/tmp/deployment/application/node_modules/grpc/src/node'
gyp ERR! configure error
gyp ERR! stack Error: EACCES: permission denied, mkdir '/tmp/deployment/application/node_modules/grpc/build'
gyp ERR! System Linux 4.14.77-69.57.amzn1.x86_64
gyp ERR! command "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node" "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "configure" "--fallback-to-build" "--library=static_library" "--module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node" "--module_name=grpc_node" "--module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc" "--napi_version=3" "--node_abi_napi=napi" "--napi_build_version=0" "--node_napi_label=node-v64"
gyp ERR! cwd /tmp/deployment/application/node_modules/grpc
gyp ERR! node -v v10.13.0
gyp ERR! node-gyp -v v3.8.0
gyp ERR! not ok
node-pre-gyp ERR! build error
node-pre-gyp ERR! stack Error: Failed to execute '/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js configure --fallback-to-build --library=static_library --module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node --module_name=grpc_node --module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc --napi_version=3 --node_abi_napi=napi --napi_build_version=0 --node_napi_label=node-v64' (1)
node-pre-gyp ERR! stack at ChildProcess.<anonymous> (/tmp/deployment/application/node_modules/grpc/node_modules/node-pre-gyp/lib/util/compile.js:83:29)
node-pre-gyp ERR! stack at ChildProcess.emit (events.js:182:13)
node-pre-gyp ERR! stack at maybeClose (internal/child_process.js:962:16)
node-pre-gyp ERR! stack at Process.ChildProcess._handle.onexit (internal/child_process.js:251:5)
node-pre-gyp ERR! System Linux 4.14.77-69.57.amzn1.x86_64
node-pre-gyp ERR! command "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node" "/tmp/deployment/application/node_modules/grpc/node_modules/.bin/node-pre-gyp" "install" "--fallback-to-build" "--library=static_library"
node-pre-gyp ERR! cwd /tmp/deployment/application/node_modules/grpc
node-pre-gyp ERR! node -v v10.13.0
node-pre-gyp ERR! node-pre-gyp -v v0.12.0
node-pre-gyp ERR! not ok
Failed to execute '/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js configure --fallback-to-build --library=static_library --module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node --module_name=grpc_node --module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc --napi_version=3 --node_abi_napi=napi --napi_build_version=0 --node_napi_label=node-v64' (1)
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! grpc@1.16.1 install: `node-pre-gyp install --fallback-to-build --library=static_library`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the grpc@1.16.1 install script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /tmp/.npm/_logs/2018-12-31T19_09_33_684Z-debug.log
Not using a reverse proxy
Running npm install: /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm
Setting npm config jobs to 1
npm config jobs set to 1
Running npm with --production flag
Failed to run npm install. Snapshot logs for more details.
UTC 2018/12/31 19:09:33 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log
Traceback (most recent call last):
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 695, in <module>
main()
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 677, in main
node_version_manager.run_npm_install(options.app_path)
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 136, in run_npm_install
self.npm_install(bin_path, self.config_manager.get_container_config('app_staging_dir'))
File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 180, in npm_install
raise e
subprocess.CalledProcessError: Command '['/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm', '--production', 'install']' returned non-zero exit status 1 (Executor::NonZeroExitStatus)
[2018-12-31T19:09:33.710Z] ERROR [18640] : Command CMD-ConfigDeploy failed!
[2018-12-31T19:09:33.711Z] INFO [18640] : Command processor returning results:
{"status":"FAILURE","api_version":"1.0","results":[{"status":"FAILURE","msg":"(TRUNCATED)...opt/elasticbeanstalk/containerfiles/ebnode.py\", line 180, in npm_install\n raise e\nsubprocess.CalledProcessError: Command '['/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm', '--production', 'install']' returned non-zero exit status 1. \nHook /opt/elasticbeanstalk/hooks/configdeploy/pre/50npm.sh failed. For more detail, check /var/log/eb-activity.log using console or EB CLI","returncode":1,"events":[{"msg":"Failed to run npm install. Snapshot logs for more details.","severity":"ERROR","timestamp":1546283373711}]}],"truncated":"true"}
[2018-12-31T19:19:07.253Z] DEBUG [19138] : Reading config file: /etc/elasticbeanstalk/.aws-eb-stack.properties
[2018-12-31T19:19:07.253Z] DEBUG [19138] : Checking if the command processor should execute...
[2018-12-31T19:19:07.255Z] DEBUG [19138] : Checking whether the command is applicable to instance (i-088e05e1a293a85a2)..
[2018-12-31T19:19:07.255Z] INFO [19138] : Command is applicable to this instance (i-088e05e1a293a85a2)..
[2018-12-31T19:19:07.255Z] DEBUG [19138] : Checking if the received command stage is valid..
[2018-12-31T19:19:07.255Z] INFO [19138] : No stage_num in command. Valid stage..
[2018-12-31T19:19:07.255Z] INFO [19138] : Received command CMD-TailLogs: {"execution_data"=>"*", "instance_ids"=>["i-088e05e1a293a85a2"], "data"=>"f08833bc-0d30-11e9-b16c-2bf0c81d1d06", "command_name"=>"CMD-TailLogs", "api_version"=>"1.0", "resource_name"=>"AWSEBAutoScalingGroup", "request_id"=>"f08833bc-0d30-11e9-b16c-2bf0c81d1d06"}
[2018-12-31T19:19:07.255Z] INFO [19138] : Command processor should execute command.
[2018-12-31T19:19:07.255Z] DEBUG [19138] : Storing current stage..
[2018-12-31T19:19:07.255Z] DEBUG [19138] : Stage_num does not exist. Not saving null stage. Returning..
[2018-12-31T19:19:07.255Z] DEBUG [19138] : Reading config file: /etc/elasticbeanstalk/.aws-eb-stack.properties
[2018-12-31T19:19:07.256Z] DEBUG [19138] : Retrieving metadata for key: AWS::ElasticBeanstalk::Ext||_ContainerConfigFileContent||commands..
[2018-12-31T19:19:07.256Z] DEBUG [19138] : Retrieving metadata for key: AWS::ElasticBeanstalk::Ext||_API||_Commands..
[2018-12-31T19:19:07.257Z] INFO [19138] : Found enabled addons: ["logpublish", "logstreaming"].
[2018-12-31T19:19:07.258Z] INFO [19138] : Updating Command definition of addon logpublish.
[2018-12-31T19:19:07.258Z] INFO [19138] : Updating Command definition of addon logstreaming.
[2018-12-31T19:19:07.258Z] DEBUG [19138] : Loaded definition of Command CMD-TailLogs.
[2018-12-31T19:19:07.258Z] INFO [19138] : Executing CMD-TailLogs
[2018-12-31T19:19:07.259Z] INFO [19138] : Executing command: CMD-TailLogs...
[2018-12-31T19:19:07.259Z] INFO [19138] : Executing command CMD-TailLogs activities...
[2018-12-31T19:19:07.259Z] DEBUG [19138] : Setting environment variables..
[2018-12-31T19:19:07.259Z] INFO [19138] : Running AddonsBefore for command CMD-TailLogs...
[2018-12-31T19:19:07.259Z] DEBUG [19138] : Running stages of Command CMD-TailLogs from stage 0 to stage 0...
[2018-12-31T19:19:07.259Z] INFO [19138] : Running stage 0 of command CMD-TailLogs...
[2018-12-31T19:19:07.259Z] DEBUG [19138] : Loaded 1 actions for stage 0.
[2018-12-31T19:19:07.259Z] INFO [19138] : Running 1 of 1 actions: TailLogs...
files:
"/opt/elasticbeanstalk/hooks/appdeploy/post/00_set_tmp_permissions.sh":
mode: "000755"
owner: root
group: root
content: |
#!/usr/bin/env bash
chown -R nodejs:nodejs /tmp/.npm
对于第二个配置文件,我更改了/tmp/npm的路径。只需/tmp/,它是最终允许我的应用程序部署的文件,但它看起来与第一个配置文件相同,唯一的区别是一个在部署之前,另一个在部署之后。下面是一个将.json文件从S3安全下载到Elastic Beanstalk服务器的示例。有关参考信息,请参阅。如果像AWS示例中那样使用默认的elastic beanstalk bucket,则无需担心在S3 bucket上设置权限 以下是指令的文档。在本例中,您正在将firebase配置文件下载到
/etc/pki/tls/certs/# .ebextensions/firebase.config
# Make sure to update the bucket policy on the S3 bucket to
# allow access by the aws-elasticbeanstalk-ec2-role
Resources:
AWSEBAutoScalingGroup:
Metadata:
AWS::CloudFormation::Authentication:
S3Auth:
type: "s3"
buckets: ["my-bucket"]
roleName:
"Fn::GetOptionSetting":
Namespace: "aws:autoscaling:launchconfiguration"
OptionName: "IamInstanceProfile"
DefaultValue: "aws-elasticbeanstalk-ec2-role"
files:
"/etc/pki/tls/certs/firebaseadminsdk.json":
mode: "000400"
owner: nodejs
group: nodejs
authentication: "S3Auth"
source: https://s3-us-west-1.amazonaws.com/my-bucket/firebase-adminsdk-abcde-fghijklmn.json
这把钥匙是用来签名的吗?您是否可以选择使用文件的路径?如果是这样,那么通过弹性beanstalk配置文件安全地下载文件就容易多了。该密钥用于Firebase Admin SDK,它是一个.json文件,但由于可以只使用3个主信息(在.json文件中)对其进行初始化,我决定将其完全删除。在localhost中,我使用.env将密钥保存在其中,但由于我无法提交,所以我将通过aws env变量传递该密钥。如何使用文件的路径?我是否将.json文件保存在S3中,然后调用它?您好,谢谢您的回复!有一段时间一直在使用.ebextensions,并尝试在没有容器命令的情况下执行上面所示的操作,以便.json文件位于/tmp/firebaseadminsdk.json路径中。一直在抛出
错误:EACCES:permission denied,打开“/tmp/firebaseadminsk.json”/tmp/tmp/tmp# .ebextensions/firebase.config
# Make sure to update the bucket policy on the S3 bucket to
# allow access by the aws-elasticbeanstalk-ec2-role
Resources:
AWSEBAutoScalingGroup:
Metadata:
AWS::CloudFormation::Authentication:
S3Auth:
type: "s3"
buckets: ["my-bucket"]
roleName:
"Fn::GetOptionSetting":
Namespace: "aws:autoscaling:launchconfiguration"
OptionName: "IamInstanceProfile"
DefaultValue: "aws-elasticbeanstalk-ec2-role"
files:
"/etc/pki/tls/certs/firebaseadminsdk.json":
mode: "000400"
owner: nodejs
group: nodejs
authentication: "S3Auth"
source: https://s3-us-west-1.amazonaws.com/my-bucket/firebase-adminsdk-abcde-fghijklmn.json