{"id":479,"date":"2015-08-18T17:50:13","date_gmt":"2015-08-18T17:50:13","guid":{"rendered":"http:\/\/blogs.nd.edu\/devops\/?p=479"},"modified":"2015-08-18T17:50:13","modified_gmt":"2015-08-18T17:50:13","slug":"aws-assume-role-with-fog","status":"publish","type":"post","link":"https:\/\/sites.nd.edu\/devops\/2015\/08\/18\/aws-assume-role-with-fog\/","title":{"rendered":"AWS assume role with Fog"},"content":{"rendered":"

Amazon Web Services (AWS) provides users with a wealth of services and a suite of ways in which to keep those services secure. Unfortunately, software libraries are not always able to keep up with all the new features available. While wiring up our Rails application to deposit files into an AWS S3 bucket<\/a>\u00a0we ran into such a problem. AWS has developed an extensive role-based security<\/a> structure; and as part of their Ruby AWS SDK<\/a>\u00a0they allow a person, or role, to assume another role which may have completely different access.<\/p>\n

\"money-patch-cropped\"<\/a>Our troubles came in the fact that the interface provided by the\u00a0fog-aws gem<\/a>\u00a0does not currently have any way to tell it to assume a different role. It does provide a way to use a role your server may already have been assigned, and a nice mechanism to re-negotiate your credentials when they are about to expire. So what do we do when something doesn’t quite work the way we want? Monkey patch!<\/a><\/p>\n

Below is a link to a Gist showing how we were able to leverage the things fog-aws did the way we wanted, and overwrite the one thing we needed to be done differently.<\/p>\n

https:\/\/gist.github.com\/peterwells\/39a5c31d934fa8eb0f2c<\/a><\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

Amazon Web Services (AWS) provides users with a wealth of services and a suite of ways in which to keep those services secure. Unfortunately, software libraries are not always able to keep up with all the new features available. While … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1570,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[65088,29104],"tags":[65098,65123,65122,65129,65115,29105],"class_list":["post-479","post","type-post","status-publish","format-standard","hentry","category-aws","category-rails","tag-aws-2","tag-carrierwave","tag-fog","tag-rails","tag-ror","tag-ruby"],"_links":{"self":[{"href":"https:\/\/sites.nd.edu\/devops\/wp-json\/wp\/v2\/posts\/479","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sites.nd.edu\/devops\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.nd.edu\/devops\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.nd.edu\/devops\/wp-json\/wp\/v2\/users\/1570"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.nd.edu\/devops\/wp-json\/wp\/v2\/comments?post=479"}],"version-history":[{"count":8,"href":"https:\/\/sites.nd.edu\/devops\/wp-json\/wp\/v2\/posts\/479\/revisions"}],"predecessor-version":[{"id":489,"href":"https:\/\/sites.nd.edu\/devops\/wp-json\/wp\/v2\/posts\/479\/revisions\/489"}],"wp:attachment":[{"href":"https:\/\/sites.nd.edu\/devops\/wp-json\/wp\/v2\/media?parent=479"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.nd.edu\/devops\/wp-json\/wp\/v2\/categories?post=479"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.nd.edu\/devops\/wp-json\/wp\/v2\/tags?post=479"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}