This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2015-10-23
Channels
- # announcements (1)
- # aws (11)
- # beginners (28)
- # boot (235)
- # business (1)
- # cider (19)
- # clojure (34)
- # clojure-china (1)
- # clojure-czech (10)
- # clojure-japan (7)
- # clojure-poland (3)
- # clojure-russia (84)
- # clojure-sg (4)
- # clojure-uk (3)
- # clojurescript (114)
- # community-development (4)
- # core-async (15)
- # cursive (8)
- # datascript (5)
- # datomic (6)
- # editors-rus (27)
- # events (2)
- # hoplon (61)
- # jobs (2)
- # ldnclj (56)
- # ldnproclodo (5)
- # lein-figwheel (232)
- # luminus (1)
- # off-topic (5)
- # om (215)
- # onyx (436)
- # overtone (8)
- # re-frame (3)
- # reagent (3)
I could be wrong about this since I don’t know your use-case and haven’t done much with Lambda in anger, but should you not be assigning IAM roles to your Lamba functions that have the perms you need?
I fee like looking for key-pair creds inside a Lambda function is something of an anti-pattern
@clojuregeek: what @chris_johnson said, use an IAM profile with appropriate permissions, aws-sdk (through amazonica) should pick that up
@clojuregeek: also, if you get your local machines env that means that you're calling System/getenv
at compile-time, instead of runtime, which would happen if you for example had:
@ragge: @chris_johnson (def instances (ec2/describe-instances creds))
the code uses amazonica library
I ended up passing the creds to the function which worked out better in the long run
@clojuregeek: that’s an interesting case - do you expect the Lambda function to be getting instance metadata for some credentials, or always a known account/role/keypair?
Now I’m interested enough in this to try and work up an example, if time allows this afternoon.
@clojuregeek: just be aware that if you do (def instances (ec2/describe-instances creds))
and that namespace is AOT compiled then the call to ec2 will be executed at compile time
@clojuregeek: just like (def x (println "Hello"))