[MapServer-users] security of S3 credentials in Mapfile
Marcin Niemyjski
mniemyjski at cloudferro.com
Thu Dec 22 07:41:55 PST 2022
Even,
is it safer than keeping credentials in mapfile or is it just another way of providing them to mapserver?
Please tell me. Is keeping credentials in mapfile optimal and safe way?
Thank you,
Marcin
________________________________
From: Even Rouault <even.rouault at spatialys.com>
Sent: Thursday, December 22, 2022 3:59 PM
To: Marcin Niemyjski <mniemyjski at cloudferro.com>; Marcin Niemyjski via MapServer-users <mapserver-users at lists.osgeo.org>
Subject: Re: [MapServer-users] security of S3 credentials in Mapfile
GDAL can read S3 credentials from the ~/.aws/credentials file that is used by the aws command line utility. You would also probably want to create credentials with read-only permission for use by Apache.
Le 22/12/2022 à 15:49, Marcin Niemyjski via MapServer-users a écrit :
Hello,
because of using private bucket as a place where I keep my rasters I'm putting credentials in my mapfile as Enviromental Variables.
The question is - Is it safe?
Obviously, I do not want anyone mess with my data. Are there any tips beyond Apache aliases to hide mapfile path?
I already checked https://mapserver.org/optimization/limit_mapfile_access.html#limit-mapfile-access
The main goal is to keep credentials safe!
Best,
Marcin
_______________________________________________
MapServer-users mailing list
MapServer-users at lists.osgeo.org<mailto:MapServer-users at lists.osgeo.org>
https://lists.osgeo.org/mailman/listinfo/mapserver-users
--
http://www.spatialys.com
My software is free, but my time generally not.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/mapserver-users/attachments/20221222/a721d396/attachment.htm>
More information about the MapServer-users
mailing list