Add sessiontoken for aws s3 storage
Fixes #3961 Update s3.md doc Signed-off-by: stonezdj <stonezdj@gmail.com>
This commit is contained in:
stonezdj
parent
003dd5aaa1
commit
a380aa4584
2 changed files with 21 additions and 17 deletions
|
|
@ -9,23 +9,24 @@ Amazon S3 or S3 compatible services for object storage.
|
|||
|
||||
## Parameters
|
||||
|
||||
| Parameter | Required | Description |
|
||||
|:--------------|:---------|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `accesskey` | no | Your AWS Access Key. If you use [IAM roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html), omit to fetch temporary credentials from IAM. |
|
||||
| `secretkey` | no | Your AWS Secret Key. If you use [IAM roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html), omit to fetch temporary credentials from IAM. |
|
||||
| `region` | yes | The AWS region in which your bucket exists. |
|
||||
| `regionendpoint` | no | Endpoint for S3 compatible storage services (Minio, etc). |
|
||||
| `forcepathstyle` | no | To enable path-style addressing when the value is set to `true`. The default is `true`. |
|
||||
| `bucket` | yes | The bucket name in which you want to store the registry's data. |
|
||||
| `encrypt` | no | Specifies whether the registry stores the image in encrypted format or not. A boolean value. The default is `false`. |
|
||||
| `keyid` | no | Optional KMS key ID to use for encryption (encrypt must be true, or this parameter is ignored). The default is `none`. |
|
||||
| `secure` | no | Indicates whether to use HTTPS instead of HTTP. A boolean value. The default is `true`. |
|
||||
| `skipverify` | no | Skips TLS verification when the value is set to `true`. The default is `false`. |
|
||||
| `v4auth` | no | Indicates whether the registry uses Version 4 of AWS's authentication. The default is `true`. |
|
||||
| `chunksize` | no | The S3 API requires multipart upload chunks to be at least 5MB. This value should be a number that is larger than 5 * 1024 * 1024.|
|
||||
| `rootdirectory` | no | This is a prefix that is applied to all S3 keys to allow you to segment data in your bucket if necessary. |
|
||||
| `storageclass` | no | The S3 storage class applied to each registry file. The default is `STANDARD`. |
|
||||
| `objectacl` | no | The S3 Canned ACL for objects. The default value is "private". |
|
||||
| Parameter | Required | Description |
|
||||
|:-----------------|:---------|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `accesskey` | no | Your AWS Access Key. If you use [IAM roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html), omit to fetch temporary credentials from IAM. |
|
||||
| `secretkey` | no | Your AWS Secret Key. If you use [IAM roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html), omit to fetch temporary credentials from IAM. |
|
||||
| `sessiontoken` | no | Your AWS Session token. If you use [IAM roles](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html), omit to fetch temporary credentials from IAM. |
|
||||
| `region` | yes | The AWS region in which your bucket exists. |
|
||||
| `regionendpoint` | no | Endpoint for S3 compatible storage services (Minio, etc). |
|
||||
| `forcepathstyle` | no | To enable path-style addressing when the value is set to `true`. The default is `true`. |
|
||||
| `bucket` | yes | The bucket name in which you want to store the registry's data. |
|
||||
| `encrypt` | no | Specifies whether the registry stores the image in encrypted format or not. A boolean value. The default is `false`. |
|
||||
| `keyid` | no | Optional KMS key ID to use for encryption (encrypt must be true, or this parameter is ignored). The default is `none`. |
|
||||
| `secure` | no | Indicates whether to use HTTPS instead of HTTP. A boolean value. The default is `true`. |
|
||||
| `skipverify` | no | Skips TLS verification when the value is set to `true`. The default is `false`. |
|
||||
| `v4auth` | no | Indicates whether the registry uses Version 4 of AWS's authentication. The default is `true`. |
|
||||
| `chunksize` | no | The S3 API requires multipart upload chunks to be at least 5MB. This value should be a number that is larger than 5 * 1024 * 1024. |
|
||||
| `rootdirectory` | no | This is a prefix that is applied to all S3 keys to allow you to segment data in your bucket if necessary. |
|
||||
| `storageclass` | no | The S3 storage class applied to each registry file. The default is `STANDARD`. |
|
||||
| `objectacl` | no | The S3 Canned ACL for objects. The default value is "private". |
|
||||
|
||||
> **Note** You can provide empty strings for your access and secret keys to run the driver
|
||||
> on an ec2 instance and handles authentication with the instance's credentials. If you
|
||||
|
|
|
|||
|
|
@ -417,6 +417,9 @@ func FromParameters(parameters map[string]interface{}) (*Driver, error) {
|
|||
}
|
||||
|
||||
sessionToken := ""
|
||||
if sk, ok := parameters["sessiontoken"].(string); ok {
|
||||
sessionToken = sk
|
||||
}
|
||||
|
||||
accelerateBool := false
|
||||
accelerate := parameters["accelerate"]
|
||||
|
|
|
|||
Loading…
Reference in a new issue