Skip to content

tea-release.1.3.1: Official S3 direct access support
Compare
Choose a tag to compare
@reweeden reweeden released this 10 Feb 22:38
· 16 commits to master since this release
tea-release.1.3.1
005e441
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

With this release we are officially supporting S3 Direct access through TEA. This feature was experimentally implemented in v1.2.0 while we monitored its stability. This release also includes regular dependency updates.

Enabling S3 Direct Access Support (Optional)

For detailed information please refer to our docs page: https://tea-docs.asf.alaska.edu/s3access/

TEA now has the ability to hand out S3 direct access credentials through an /s3credentials endpoint. This is OFF by default and can be enabled via the CloudFormation parameter EnableS3CredentialsEndpoint, or if using the terraform module, the variable s3credentials_endpoint. Changes to this parameter can only take effect on the first stack update after switching to the new CloudFormation template (see technical limitations below for more info), so if you are attempting to enable it and it's not working, this may be why.

If you are considering turning on the S3 credentials endpoint and are making use of the granular prefix based permissions in TEA (rather than simple bucket level permissions) please read the compatibility section in our docs: https://tea-docs.asf.alaska.edu/configuration/#s3-direct-access-compatibility

Technical Limitations of CloudFormation Due to some limitations of CloudFormation, this change will only take effect when the API gateway deployment is updated which typically only happens on initial deployment. To work around this, the name of the CloudFormation resource for the API gateway deployment will have a unique random number appended to it in each release. If you need to force an update more frequently than that, you will need to manually change the name of the 'EgressAPIdeployment' resource in your CloudFormation template before redeploying.

What's Changed

New Contributors

Full Changelog: tea-release.1.3.0...tea-release.1.3.1

Contributors

yuvipanda and reweeden
Assets 6
Loading