https://github.com/spring-attic/aws-maven
https://github.com/spring-attic/aws-maven
Last synced: 3 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/spring-attic/aws-maven
- Owner: spring-attic
- License: apache-2.0
- Archived: true
- Created: 2011-12-01T05:31:29.000Z (over 13 years ago)
- Default Branch: master
- Last Pushed: 2022-10-18T08:19:15.000Z (over 2 years ago)
- Last Synced: 2024-04-14T18:35:17.111Z (about 1 year ago)
- Language: Java
- Homepage:
- Size: 616 KB
- Stars: 214
- Watchers: 39
- Forks: 172
- Open Issues: 48
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-aws - spring-projects/aws-maven :fire::fire: - Maven Wagon for S3. (Open Source Repos / S3)
README
# AWS Maven Wagon
This project is a [Maven Wagon][wagon] for [Amazon S3][s3]. In order to to publish artifacts to an S3 bucket, the user (as identified by their access key) must be listed as an owner on the bucket.
## Usage
To publish Maven artifacts to S3 a build extension must be defined in a project's `pom.xml`. The latest version of the wagon can be found on the [`aws-maven`][aws-maven] page in Maven Central.
```xml
...
...
...
org.springframework.build
aws-maven
5.0.0.RELEASE
...
...
...
```
Once the build extension is configured distribution management repositories can be defined in the `pom.xml` with an `s3://` scheme.
```xml
...
aws-release
AWS Release Repository
s3:///release
aws-snapshot
AWS Snapshot Repository
s3:///snapshot
...
```
Finally the `~/.m2/settings.xml` must be updated to include access and secret keys for the account. The access key should be used to populate the `username` element, and the secret access key should be used to populate the `password` element.
```xml
...
...
aws-release
0123456789ABCDEFGHIJ
0123456789abcdefghijklmnopqrstuvwxyzABCD
aws-snapshot
0123456789ABCDEFGHIJ
0123456789abcdefghijklmnopqrstuvwxyzABCD
...
...
```
Alternatively, the access and secret keys for the account can be provided using
* `AWS_ACCESS_KEY_ID` (or `AWS_ACCESS_KEY`) and `AWS_SECRET_KEY` (or `AWS_SECRET_ACCESS_KEY`) [environment variables][env-var]
* `aws.accessKeyId` and `aws.secretKey` [system properties][sys-prop]
* The Amazon EC2 [Instance Metadata Service][instance-metadata]
## Making Artifacts Public
This wagon doesn't set an explict ACL for each artfact that is uploaded. Instead you should create an AWS Bucket Policy to set permissions on objects. A bucket policy can be set in the [AWS Console][console] and can be generated using the [AWS Policy Generator][policy-generator].
In order to make the contents of a bucket public you need to add statements with the following details to your policy:
| Effect | Principal | Action | Amazon Resource Name (ARN)
| ------- | --------- | ------------ | --------------------------
| `Allow` | `*` | `ListBucket` | `arn:aws:s3:::`
| `Allow` | `*` | `GetObject` | `arn:aws:s3:::/*`
If your policy is setup properly it should look something like:
```json
{
"Id": "Policy1397027253868",
"Statement": [
{
"Sid": "Stmt1397027243665",
"Action": [
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::",
"Principal": {
"AWS": [
"*"
]
}
},
{
"Sid": "Stmt1397027177153",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::/*",
"Principal": {
"AWS": [
"*"
]
}
}
]
}
```
If you prefer to use the [command line][cli], you can use the following script to make the contents of a bucket public:
```bash
BUCKET=
TIMESTAMP=$(date +%Y%m%d%H%M)
POLICY=$(cat<