AWS¶
Authentication¶
No configuration is needed within Nautobot for this provider to operate. Instead, you must provide AWS credentials in one of the methods supported by the boto3
library.
Boto3 credentials can be configured in multiple ways (eight as of this writing) that are mirrored here:
- Passing credentials as parameters in the
boto.client()
method - Passing credentials as parameters when creating a Session object
- Environment variables
- Shared credential file (
~/.aws/credentials
) - AWS config file (
~/.aws/config
) - Assume Role provider
- Boto2 config file (
/etc/boto.cfg
and~/.boto
) - Instance metadata service on an Amazon EC2 instance that has an IAM role configured.
The AWS providers only support methods 3-8. Methods 1 and 2 ARE NOT SUPPORTED at this time.
We highly recommend you defer to using environment variables for your deployment as specified in the credentials documentation linked above. The values specified in the linked documentation should be set within your ~.bashrc
(or similar profile) on your system.
Configuration¶
This is an example based on our recommended deployment pattern in the section above (method 3) that uses environment variables. You will need to set these in the environment prior to starting Nautobot:
export AWS_ACCESS_KEY_ID=foo # The access key for your AWS account.
export AWS_SECRET_ACCESS_KEY=bar # The secret key for your AWS account.
Please refer to the Nautobot documentation on updating your .bashrc
for how to do this for production Nautobot deployments.