euca2ools should read config and credentials from config file
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Eucalyptus |
Fix Released
|
Undecided
|
Unassigned | ||
euca2ools (Ubuntu) |
Fix Released
|
Wishlist
|
Dustin Kirkland |
Bug Description
Binary package hint: euca2ools
euca2ools currently reads its configuration from 1 of 2 places:
a.) environment variables
b.) command line arguments
the configuration above that is read includes:
EC2_URL
EC2_ACCESS_KEY
EC2_SECRET_KEY
EC2_CERT
EC2_PRIVATE_KEY
S3_URL
EUCALYPTUS_CERT
In addition to being a non-typical way of specifying configuration, the
environment variables
EC2_ACCESS_KEY and EC2_PRIVATE_KEY
contain sensitive information. It is generally considered less than secure to
set sensitive information in the environment.
Instead or in addition to (really only for backwards compat) euca2ools should
read configuration from a config file. I suggest:
/etc/euca2ools/
$HOME/.eucarc
And additionally allow the caller to specify a config file. Ie:
euca-run-instances --config /tmp/my-config eki-abcdefg
Changed in euca2ools (Ubuntu): | |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
Changed in euca2ools (Ubuntu): | |
assignee: | nobody → Dustin Kirkland (kirkland) |
Changed in eucalyptus: | |
status: | Fix Committed → Fix Released |
Order of preference is user supplied config file (--config) followed by $HOME/.eucarc followed by /etc/euca2ools/ eucarc followed by the environment.
------- ------- ------- ------- ------- ------- ------- ------- ---- ------- ------- ------- ------- ------- ------- ------- ----
revno: 235
committer: Neil
branch nick: euca2ools-1.0
timestamp: Fri 2009-11-27 21:53:18 -0800
message:
fixes #485106
-------