Unable to pass private key as an environment varia

2019-07-25 13:03发布

站内问答 / 移动开发
1063 1 6

I have been trying to add a private key into the eb environment variable configuration and have tried removing the newline, changing the ("") to ('') but neither of which would be accepted by eb and causes the environment health to be degraded.

I have referenced other questions asked on the platform but most of them uses the export function or are able to get the key saved as an environment variable but unable to retrieve it in the code (How to set multiline RSA private key environment variable for AWS Elastic Beans)

I have added the last 100 lines of logs from eb below as a reference

-------------------------------------
/var/log/nodejs/nodejs.log
-------------------------------------
> webrtc-chatter@0.0.1 start /var/app/current
> node index.js




-------------------------------------
/var/log/nodejs/npm-debug.log
-------------------------------------
UTC 2018/12/28 09:55:31 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 
UTC 2018/12/28 13:22:14 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 
UTC 2018/12/31 10:03:31 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 
UTC 2018/12/31 13:10:09 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 
UTC 2018/12/31 13:19:10 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 
UTC 2018/12/31 13:21:04 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 
UTC 2018/12/31 13:34:08 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 
UTC 2018/12/31 13:41:11 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 
UTC 2018/12/31 14:02:34 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 
UTC 2018/12/31 19:09:33 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 



-------------------------------------
/var/log/eb-activity.log
-------------------------------------
  node-pre-gyp ERR! node-pre-gyp -v v0.12.0
  node-pre-gyp ERR! not ok 
  Failed to execute '/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js configure --fallback-to-build --library=static_library --module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node --module_name=grpc_node --module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc --napi_version=3 --node_abi_napi=napi --napi_build_version=0 --node_napi_label=node-v64' (1)
  npm ERR! code ELIFECYCLE
  npm ERR! errno 1
  npm ERR! grpc@1.16.1 install: `node-pre-gyp install --fallback-to-build --library=static_library`
  npm ERR! Exit status 1
  npm ERR! 
  npm ERR! Failed at the grpc@1.16.1 install script.
  npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

  npm ERR! A complete log of this run can be found in:
  npm ERR!     /tmp/.npm/_logs/2018-12-31T19_09_33_684Z-debug.log
  Not using a reverse proxy
  Running npm install:  /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm
  Setting npm config jobs to 1
  npm config jobs set to 1
  Running npm with --production flag
  Failed to run npm install. Snapshot logs for more details.
  UTC 2018/12/31 19:09:33 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 

  Traceback (most recent call last):
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 695, in <module>
      main()
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 677, in main
      node_version_manager.run_npm_install(options.app_path)
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 136, in run_npm_install
      self.npm_install(bin_path, self.config_manager.get_container_config('app_staging_dir'))
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 180, in npm_install
      raise e
  subprocess.CalledProcessError: Command '['/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm', '--production', 'install']' returned non-zero exit status 1 (ElasticBeanstalk::ExternalInvocationError)
caused by: + /opt/elasticbeanstalk/containerfiles/ebnode.py --action npm-install

  > grpc@1.16.1 install /tmp/deployment/application/node_modules/grpc
  > node-pre-gyp install --fallback-to-build --library=static_library

  node-pre-gyp WARN Using request for node-pre-gyp https download 
  node-pre-gyp WARN Pre-built binaries not installable for grpc@1.16.1 and node@10.13.0 (node-v64 ABI, glibc) (falling back to source compile with node-gyp) 
  node-pre-gyp WARN Hit error EACCES: permission denied, mkdir '/tmp/deployment/application/node_modules/grpc/src/node' 
  gyp ERR! configure error 
  gyp ERR! stack Error: EACCES: permission denied, mkdir '/tmp/deployment/application/node_modules/grpc/build'
  gyp ERR! System Linux 4.14.77-69.57.amzn1.x86_64
  gyp ERR! command "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node" "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "configure" "--fallback-to-build" "--library=static_library" "--module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node" "--module_name=grpc_node" "--module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc" "--napi_version=3" "--node_abi_napi=napi" "--napi_build_version=0" "--node_napi_label=node-v64"
  gyp ERR! cwd /tmp/deployment/application/node_modules/grpc
  gyp ERR! node -v v10.13.0
  gyp ERR! node-gyp -v v3.8.0
  gyp ERR! not ok 
  node-pre-gyp ERR! build error 
  node-pre-gyp ERR! stack Error: Failed to execute '/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js configure --fallback-to-build --library=static_library --module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node --module_name=grpc_node --module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc --napi_version=3 --node_abi_napi=napi --napi_build_version=0 --node_napi_label=node-v64' (1)
  node-pre-gyp ERR! stack     at ChildProcess.<anonymous> (/tmp/deployment/application/node_modules/grpc/node_modules/node-pre-gyp/lib/util/compile.js:83:29)
  node-pre-gyp ERR! stack     at ChildProcess.emit (events.js:182:13)
  node-pre-gyp ERR! stack     at maybeClose (internal/child_process.js:962:16)
  node-pre-gyp ERR! stack     at Process.ChildProcess._handle.onexit (internal/child_process.js:251:5)
  node-pre-gyp ERR! System Linux 4.14.77-69.57.amzn1.x86_64
  node-pre-gyp ERR! command "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node" "/tmp/deployment/application/node_modules/grpc/node_modules/.bin/node-pre-gyp" "install" "--fallback-to-build" "--library=static_library"
  node-pre-gyp ERR! cwd /tmp/deployment/application/node_modules/grpc
  node-pre-gyp ERR! node -v v10.13.0
  node-pre-gyp ERR! node-pre-gyp -v v0.12.0
  node-pre-gyp ERR! not ok 
  Failed to execute '/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js configure --fallback-to-build --library=static_library --module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node --module_name=grpc_node --module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc --napi_version=3 --node_abi_napi=napi --napi_build_version=0 --node_napi_label=node-v64' (1)
  npm ERR! code ELIFECYCLE
  npm ERR! errno 1
  npm ERR! grpc@1.16.1 install: `node-pre-gyp install --fallback-to-build --library=static_library`
  npm ERR! Exit status 1
  npm ERR! 
  npm ERR! Failed at the grpc@1.16.1 install script.
  npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

  npm ERR! A complete log of this run can be found in:
  npm ERR!     /tmp/.npm/_logs/2018-12-31T19_09_33_684Z-debug.log
  Not using a reverse proxy
  Running npm install:  /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm
  Setting npm config jobs to 1
  npm config jobs set to 1
  Running npm with --production flag
  Failed to run npm install. Snapshot logs for more details.
  UTC 2018/12/31 19:09:33 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 

  Traceback (most recent call last):
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 695, in <module>
      main()
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 677, in main
      node_version_manager.run_npm_install(options.app_path)
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 136, in run_npm_install
      self.npm_install(bin_path, self.config_manager.get_container_config('app_staging_dir'))
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 180, in npm_install
      raise e
  subprocess.CalledProcessError: Command '['/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm', '--production', 'install']' returned non-zero exit status 1 (Executor::NonZeroExitStatus)


[2018-12-31T19:09:33.710Z] INFO  [18640] - [Configuration update travis-5b0a4d4df0abae1daa0ab1e5fa92b27a5e51021a-1544498766@21/ConfigDeployStage0/ConfigDeployPreHook/50npm.sh] : Activity failed.
[2018-12-31T19:09:33.710Z] INFO  [18640] - [Configuration update travis-5b0a4d4df0abae1daa0ab1e5fa92b27a5e51021a-1544498766@21/ConfigDeployStage0/ConfigDeployPreHook] : Activity failed.
[2018-12-31T19:09:33.710Z] INFO  [18640] - [Configuration update travis-5b0a4d4df0abae1daa0ab1e5fa92b27a5e51021a-1544498766@21/ConfigDeployStage0] : Activity failed.
[2018-12-31T19:09:33.710Z] INFO  [18640] - [Configuration update travis-5b0a4d4df0abae1daa0ab1e5fa92b27a5e51021a-1544498766@21] : Completed activity. Result:
  Configuration update - Command CMD-ConfigDeploy failed
[2018-12-31T19:19:07.258Z] INFO  [19138] - [CMD-TailLogs] : Starting activity...
[2018-12-31T19:19:07.259Z] INFO  [19138] - [CMD-TailLogs/AddonsBefore] : Starting activity...
[2018-12-31T19:19:07.259Z] INFO  [19138] - [CMD-TailLogs/AddonsBefore] : Completed activity.
[2018-12-31T19:19:07.259Z] INFO  [19138] - [CMD-TailLogs/TailLogs] : Starting activity...
[2018-12-31T19:19:07.259Z] INFO  [19138] - [CMD-TailLogs/TailLogs/TailLogs] : Starting activity...



-------------------------------------
/var/log/eb-commandprocessor.log
-------------------------------------
  UTC 2018/12/31 19:09:33 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 

  Traceback (most recent call last):
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 695, in <module>
      main()
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 677, in main
      node_version_manager.run_npm_install(options.app_path)
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 136, in run_npm_install
      self.npm_install(bin_path, self.config_manager.get_container_config('app_staging_dir'))
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 180, in npm_install
      raise e
  subprocess.CalledProcessError: Command '['/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm', '--production', 'install']' returned non-zero exit status 1 (ElasticBeanstalk::ExternalInvocationError)
caused by: + /opt/elasticbeanstalk/containerfiles/ebnode.py --action npm-install

  > grpc@1.16.1 install /tmp/deployment/application/node_modules/grpc
  > node-pre-gyp install --fallback-to-build --library=static_library

  node-pre-gyp WARN Using request for node-pre-gyp https download 
  node-pre-gyp WARN Pre-built binaries not installable for grpc@1.16.1 and node@10.13.0 (node-v64 ABI, glibc) (falling back to source compile with node-gyp) 
  node-pre-gyp WARN Hit error EACCES: permission denied, mkdir '/tmp/deployment/application/node_modules/grpc/src/node' 
  gyp ERR! configure error 
  gyp ERR! stack Error: EACCES: permission denied, mkdir '/tmp/deployment/application/node_modules/grpc/build'
  gyp ERR! System Linux 4.14.77-69.57.amzn1.x86_64
  gyp ERR! command "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node" "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "configure" "--fallback-to-build" "--library=static_library" "--module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node" "--module_name=grpc_node" "--module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc" "--napi_version=3" "--node_abi_napi=napi" "--napi_build_version=0" "--node_napi_label=node-v64"
  gyp ERR! cwd /tmp/deployment/application/node_modules/grpc
  gyp ERR! node -v v10.13.0
  gyp ERR! node-gyp -v v3.8.0
  gyp ERR! not ok 
  node-pre-gyp ERR! build error 
  node-pre-gyp ERR! stack Error: Failed to execute '/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js configure --fallback-to-build --library=static_library --module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node --module_name=grpc_node --module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc --napi_version=3 --node_abi_napi=napi --napi_build_version=0 --node_napi_label=node-v64' (1)
  node-pre-gyp ERR! stack     at ChildProcess.<anonymous> (/tmp/deployment/application/node_modules/grpc/node_modules/node-pre-gyp/lib/util/compile.js:83:29)
  node-pre-gyp ERR! stack     at ChildProcess.emit (events.js:182:13)
  node-pre-gyp ERR! stack     at maybeClose (internal/child_process.js:962:16)
  node-pre-gyp ERR! stack     at Process.ChildProcess._handle.onexit (internal/child_process.js:251:5)
  node-pre-gyp ERR! System Linux 4.14.77-69.57.amzn1.x86_64
  node-pre-gyp ERR! command "/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node" "/tmp/deployment/application/node_modules/grpc/node_modules/.bin/node-pre-gyp" "install" "--fallback-to-build" "--library=static_library"
  node-pre-gyp ERR! cwd /tmp/deployment/application/node_modules/grpc
  node-pre-gyp ERR! node -v v10.13.0
  node-pre-gyp ERR! node-pre-gyp -v v0.12.0
  node-pre-gyp ERR! not ok 
  Failed to execute '/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/node /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js configure --fallback-to-build --library=static_library --module=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc/grpc_node.node --module_name=grpc_node --module_path=/tmp/deployment/application/node_modules/grpc/src/node/extension_binary/node-v64-linux-x64-glibc --napi_version=3 --node_abi_napi=napi --napi_build_version=0 --node_napi_label=node-v64' (1)
  npm ERR! code ELIFECYCLE
  npm ERR! errno 1
  npm ERR! grpc@1.16.1 install: `node-pre-gyp install --fallback-to-build --library=static_library`
  npm ERR! Exit status 1
  npm ERR! 
  npm ERR! Failed at the grpc@1.16.1 install script.
  npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

  npm ERR! A complete log of this run can be found in:
  npm ERR!     /tmp/.npm/_logs/2018-12-31T19_09_33_684Z-debug.log
  Not using a reverse proxy
  Running npm install:  /opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm
  Setting npm config jobs to 1
  npm config jobs set to 1
  Running npm with --production flag
  Failed to run npm install. Snapshot logs for more details.
  UTC 2018/12/31 19:09:33 cannot find application npm debug log at /tmp/deployment/application/npm-debug.log 

  Traceback (most recent call last):
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 695, in <module>
      main()
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 677, in main
      node_version_manager.run_npm_install(options.app_path)
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 136, in run_npm_install
      self.npm_install(bin_path, self.config_manager.get_container_config('app_staging_dir'))
    File "/opt/elasticbeanstalk/containerfiles/ebnode.py", line 180, in npm_install
      raise e
  subprocess.CalledProcessError: Command '['/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm', '--production', 'install']' returned non-zero exit status 1 (Executor::NonZeroExitStatus)


[2018-12-31T19:09:33.710Z] ERROR [18640] : Command CMD-ConfigDeploy failed!
[2018-12-31T19:09:33.711Z] INFO  [18640] : Command processor returning results: 
{"status":"FAILURE","api_version":"1.0","results":[{"status":"FAILURE","msg":"(TRUNCATED)...opt/elasticbeanstalk/containerfiles/ebnode.py\", line 180, in npm_install\n    raise e\nsubprocess.CalledProcessError: Command '['/opt/elasticbeanstalk/node-install/node-v10.13.0-linux-x64/bin/npm', '--production', 'install']' returned non-zero exit status 1. \nHook /opt/elasticbeanstalk/hooks/configdeploy/pre/50npm.sh failed. For more detail, check /var/log/eb-activity.log using console or EB CLI","returncode":1,"events":[{"msg":"Failed to run npm install. Snapshot logs for more details.","severity":"ERROR","timestamp":1546283373711}]}],"truncated":"true"}
[2018-12-31T19:19:07.253Z] DEBUG [19138] : Reading config file: /etc/elasticbeanstalk/.aws-eb-stack.properties
[2018-12-31T19:19:07.253Z] DEBUG [19138] : Checking if the command processor should execute...
[2018-12-31T19:19:07.255Z] DEBUG [19138] : Checking whether the command is applicable to instance (i-088e05e1a293a85a2)..
[2018-12-31T19:19:07.255Z] INFO  [19138] : Command is applicable to this instance (i-088e05e1a293a85a2)..
[2018-12-31T19:19:07.255Z] DEBUG [19138] : Checking if the received command stage is valid..
[2018-12-31T19:19:07.255Z] INFO  [19138] : No stage_num in command. Valid stage..
[2018-12-31T19:19:07.255Z] INFO  [19138] : Received command CMD-TailLogs: {"execution_data"=>"*", "instance_ids"=>["i-088e05e1a293a85a2"], "data"=>"f08833bc-0d30-11e9-b16c-2bf0c81d1d06", "command_name"=>"CMD-TailLogs", "api_version"=>"1.0", "resource_name"=>"AWSEBAutoScalingGroup", "request_id"=>"f08833bc-0d30-11e9-b16c-2bf0c81d1d06"}
[2018-12-31T19:19:07.255Z] INFO  [19138] : Command processor should execute command.
[2018-12-31T19:19:07.255Z] DEBUG [19138] : Storing current stage..
[2018-12-31T19:19:07.255Z] DEBUG [19138] : Stage_num does not exist. Not saving null stage. Returning..
[2018-12-31T19:19:07.255Z] DEBUG [19138] : Reading config file: /etc/elasticbeanstalk/.aws-eb-stack.properties
[2018-12-31T19:19:07.256Z] DEBUG [19138] : Retrieving metadata for key: AWS::ElasticBeanstalk::Ext||_ContainerConfigFileContent||commands..
[2018-12-31T19:19:07.256Z] DEBUG [19138] : Retrieving metadata for key: AWS::ElasticBeanstalk::Ext||_API||_Commands..
[2018-12-31T19:19:07.257Z] INFO  [19138] : Found enabled addons: ["logpublish", "logstreaming"].
[2018-12-31T19:19:07.258Z] INFO  [19138] : Updating Command definition of addon logpublish.
[2018-12-31T19:19:07.258Z] INFO  [19138] : Updating Command definition of addon logstreaming.
[2018-12-31T19:19:07.258Z] DEBUG [19138] : Loaded definition of Command CMD-TailLogs.
[2018-12-31T19:19:07.258Z] INFO  [19138] : Executing CMD-TailLogs
[2018-12-31T19:19:07.259Z] INFO  [19138] : Executing command: CMD-TailLogs...
[2018-12-31T19:19:07.259Z] INFO  [19138] : Executing command CMD-TailLogs activities...
[2018-12-31T19:19:07.259Z] DEBUG [19138] : Setting environment variables..
[2018-12-31T19:19:07.259Z] INFO  [19138] : Running AddonsBefore for command CMD-TailLogs...
[2018-12-31T19:19:07.259Z] DEBUG [19138] : Running stages of Command CMD-TailLogs from stage 0 to stage 0...
[2018-12-31T19:19:07.259Z] INFO  [19138] : Running stage 0 of command CMD-TailLogs...
[2018-12-31T19:19:07.259Z] DEBUG [19138] : Loaded 1 actions for stage 0.
[2018-12-31T19:19:07.259Z] INFO  [19138] : Running 1 of 1 actions: TailLogs...

Would greatly appreciate if anyone knows a fix for this.

AWS Elastic Beanstalk has finally deployed my application but still has the permission denied from accessing tmp file

Error: EACCES: permission denied, open '/tmp/firebaseadminsdk.json'

Followed exactly the documentation from AWS on storing Private Keys Securely in AWS S3.

Proceeded to create a S3 bucket without changing any permission during the creation. Bucket -> Permission -> Access Control List, checked if the canonical ID matches my IAM account and allow read access. The bucket still doesn't want to be read which I had to go into bucket policy and create a new policy using AWS Policy Generator.

Referenced from this Elastic Beanstalk S3 access via ebextensions.

Also had issues with node-gyp fails due to permission denied which I followed this https://stackoverflow.com/a/46001517/10638194.

I have also added 2 more .ebextensions which I feel one might not be needed

00_dir_permission.config

files:
  "/opt/elasticbeanstalk/hooks/appdeploy/pre/00_set_tmp_permissions.sh":
    mode: "000755"
    owner: root
    group: root
    content: |
      #!/usr/bin/env bash
      chown -R ec2-user /tmp
      chown -R $USER:$(id -gn $USER) /tmp/.config
      chown -R nodejs:nodejs /tmp/.npm

00_change_npm_permissions.config

files:
  "/opt/elasticbeanstalk/hooks/appdeploy/post/00_set_tmp_permissions.sh":
    mode: "000755"
    owner: root
    group: root
    content: |
      #!/usr/bin/env bash
      chown -R nodejs:nodejs /tmp/.npm

For the second config file I changed the path from /tmp/npm. to just /tmp/ which was the file that finally allowed my application to deploy but it looks like the same as the first config file, only difference being one is before deployment while the other is after deployment.

1条回答
Root(大扎)
2楼-- · 2019-07-25 13:38

Here is an example of securely downloading a .json file from S3 to your Elastic Beanstalk server. See the AWS documentation for reference. If you use your default elastic beanstalk bucket like in the AWS example, you don't need to worry about setting up permissions on the S3 bucket.

Here is the documentation for the file and container_commands directives. In this example, you are downloading the firebase config file to the /etc/pki/tls/certs/ directory. You can modify this location as needed.

# .ebextensions/firebase.config

# Make sure to update the bucket policy on the S3 bucket to
# allow access by the aws-elasticbeanstalk-ec2-role
Resources:
  AWSEBAutoScalingGroup:
    Metadata:
     AWS::CloudFormation::Authentication:
        S3Auth:
          type: "s3"
          buckets: ["my-bucket"]
          roleName:
            "Fn::GetOptionSetting":
              Namespace: "aws:autoscaling:launchconfiguration"
              OptionName: "IamInstanceProfile"
              DefaultValue: "aws-elasticbeanstalk-ec2-role"

 files:
   "/etc/pki/tls/certs/firebaseadminsdk.json":
      mode: "000400"
      owner: nodejs
      group: nodejs
      authentication: "S3Auth"
      source: https://s3-us-west-1.amazonaws.com/my-bucket/firebase-adminsdk-abcde-fghijklmn.json
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)