Skip to content

securityclippy/magicstorage

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

S3Storage

S3Storage is a storage module to make use of amazon's s3 object storage as a storage interface for CertMagic. S3Storage is an implementation of the Storage interface which can be used to back services behind a load balancer without needing to expose the servers themselves to the internet. It is expected that users needing this storage will have the requisite knowledge to understand when it is necessary to use this Storage Type in lieu of the default Filestorage type. Because this storage type is typically used behind a load balancer. it is most commonly used in conjunction with the DNS-01 lego challenge.

The magicstorage.NewS3Storage(bucket, region string) function requires the name of the s3 bucket to be used as well as the region for the s3 bucket. NOTE: Even though s3 buckets are "global", this is still a region associated with buckets. do not pass an empty string

The NewS3Storage() function will automatically use credentials from ENV vars, ~/.aws/credentials files and any assumed roles. It should not be necessary to provide any explicit credentials.

Used with the certmagic HTTPS command and a dns provider:

dnsProvider, err := route53.NewDNSProvider()
if err != nil {
    return err
}

certmagic.DNSProvider = dnsProvider
certmagic.DefaultStorage = magicstorage.NewS3Storage("my-example-s3-bucket", "example-aws-region")

//Then use as normal

certmagic.HTTPS([]string{"example.com"}, handler)

About

storage backends for certmagic

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages