[gdal-dev] Gdal.Open on S3 using IAM roles
Patrick Young
patrick.mckendree.young at gmail.com
Tue Apr 13 08:47:03 PDT 2021
See
https://aws.amazon.com/premiumsupport/knowledge-center/iam-assume-role-cli/ ,
they describe how to assume a role and set the usual AWS_*
environment variables that GDAL should pick up.
There's discussion on vsis3 related stuff (e.g. authentication) here:
https://gdal.org/user/virtual_file_systems.html#vsis3
P
On Mon, Apr 12, 2021 at 8:45 PM Jeannie May <jeannie_may at trimble.com> wrote:
> I'm new to using Gdal. How do I configure gdal to use an IAM role, rather
> than defining an aws-Profile?
>
> I get a timeout doing a gdal.Open() on a tiff file on S3 using vsis3,
> while trying to use an IAM role.
>
> I'm using MaxRev.Gdal.Core 3.2.0.250. Netcore 3.1 c#, running in a Linux
> container.
>
> Note that defining an AWS_Profile etc works ok, but I need to use IAM
> roles. Prior to trying to open the file with gdal, I successfully upload
> using s3Client (which uses the IAM role), so it's something specific to the
> Gdal.Open().
>
> using GetConfigOption() I can see that none of the following are set
> AWS_PROFILE; AWS_ACCESS_KEY_ID; AWS_SECRET_ACCESS_KEY; AWS_SESSION_TOKEN;
> AWS_NO_SIGN_REQUEST; AWS_DEFAULT_PROFILE
>
>
> --
> *Jeannie May*
> Senior Software Engineer
> 11 Birmingham Drive, Christchurch | 963 5305 Office
> www.trimble.com
>
> Connect with us!
> _______________________________________________
> gdal-dev mailing list
> gdal-dev at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/gdal-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/gdal-dev/attachments/20210413/3a6bdba8/attachment.html>
More information about the gdal-dev
mailing list