aboutsummaryrefslogtreecommitdiff
path: root/doc/eclat.conf.5
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org>2015-01-22 00:44:27 +0200
committerSergey Poznyakoff <gray@gnu.org>2015-01-22 00:44:27 +0200
commit0c7bb2d5cb81eb6077a8907ce2049278fb8e47ce (patch)
tree7392dad30ac09b3ff32bfb2882710b5117fdde35 /doc/eclat.conf.5
parent03c5b9aac73c6a70b1c67f467bbd484d2a532f10 (diff)
downloadeclat-0c7bb2d5cb81eb6077a8907ce2049278fb8e47ce.tar.gz
eclat-0c7bb2d5cb81eb6077a8907ce2049278fb8e47ce.tar.bz2
authentication-provider instance-store does not require role name argument
* NEWS: Update. * doc/eclat.conf.5: Update. * lib/Makefile.am: Add new sources. * lib/istore.c: New file. * lib/path.c: New file. * lib/libeclat.h (path_concat) (instance_store_curl_new) (instance_store_read): New protos. * src/config.c (cb_authentication_provider): second argument is optional for instance-store type. New compound statement: instance-store. * src/eclat.h (instance_store_base_url) (instance_store_port,instance_store_document_path): (instance_store_credentials_path): New externs. * src/ispeek.c: Rewrite using new functions. * src/util.c: Likewise.
Diffstat (limited to 'doc/eclat.conf.5')
-rw-r--r--doc/eclat.conf.542
1 files changed, 37 insertions, 5 deletions
diff --git a/doc/eclat.conf.5 b/doc/eclat.conf.5
index dd9489c..8b20b48 100644
--- a/doc/eclat.conf.5
+++ b/doc/eclat.conf.5
@@ -13,7 +13,7 @@
.\"
.\" You should have received a copy of the GNU General Public License
.\" along with Eclat. If not, see <http://www.gnu.org/licenses/>.
-.TH ECLAT.CONF 5 "January 21, 2015" "ECLAT" "Eclat User Reference"
+.TH ECLAT.CONF 5 "January 22, 2015" "ECLAT" "Eclat User Reference"
.SH NAME
eclat.conf \- configuration file for
.BR eclat (1).
@@ -380,7 +380,7 @@ region us\-west\-2 ec2.us\-west\-2.amazonaws.com;
.EE
.SS AUTHENTICATION
.TP
-\fBauthentication\-provider\fR \fITYPE\fR \fIARG\fB;\fR
+\fBauthentication\-provider\fR \fITYPE\fR [\fIARG\fR]\fB;\fR
Defines authentication provider to use. \fIAuthentication provider\fR
is a service that supplies AWS access key ID and secret key. See
.BR eclat (1),
@@ -397,9 +397,11 @@ If \fITYPE\fR is \fBfile\fR, the \fIARG\fR parameter is treated as a
shell globbing pattern: all files matching this pattern are attempted
in turn, until a keypair is found in one of them.
-If \fITYPE\fR is \fBinstance\-store\fR, \fIARG\fR is the name of the
-IAM role. Credentials will be obtained from the instance store for
-that role.
+If \fITYPE\fR is \fBinstance\-store\fR, credentials will be obtained
+from the instance store. \fIARG\fR is optional. If supplied, it
+should be the name of the IAM role this instance is launched with.
+At the time of this writing, an instance can be associated with a
+single role, which will be used by default.
.TP
\fBaccess\-file\fR \fIname\fR;
This is a shortcut for \fBauthentication\-provider file \fIname\fR.
@@ -446,6 +448,36 @@ By default the CA certificates shipped with
.BR libcurl (3)
will be used. You would rarely need to use \fBca\-file\fR or
\fBca\-path\fR statements.
+.SH INSTANCE STORE CONFIGURATION
+The \fBinstance\-store\fR compound statement configures HTTP access to
+the instance store. By default, \fBeclat\fR uses standard AWS values.
+This statement is intended mainly as an aid in debugging:
+.PP
+.EX
+ instance\-store {
+ base\-url \fIURL\fR;
+ port \fINUMBER\fR;
+ document\-path \fISTRING\fR;
+ credentials\-path \fISTRING\fR;
+ }
+.EE
+.TP
+.BI base\-url " URL" ;
+Base URL to use, instead of
+.BR http://169.254.169.254/latest .
+.TP
+.BI port " NUMBER" ;
+Port to use (defaults to \fB80\fR).
+.TP
+.BI document\-path " STRING" ;
+Pathname (relative to \fBbase\-url\fR) of the instance identity document
+file. Default:
+.BR dynamic/instance-identity/document .
+.TP
+.BI credentials\-path " STRING" ;
+Pathname (relative to \fBbase\-url\fR) of the instance store
+credentials directory. Default is
+.BR meta-data/iam/security-credentials .
.SH FORMAT DEFINITIONS
This group of statements declares the formats to use.
.TP

Return to:

Send suggestions and report system problems to the System administrator.