Hey Arnaud,
If your app is deployed in Mendix cloud, usually it classifies data on 2 categories - Structured and Unstructured data. Structured/SQL data can be stored in its own Postgres DB. For Unstructured, it will use S3 bucket only.
Now when you are using Mendix cloud, you will be having limited access to infrastructure hence you can deploy your app using private cloud and there you can configure your own security for storage
Regards,
Naman Khard
I don't see how your answer is related to my question. Allow me to ask it differently then:
AWS allows multiple ways of authentication (see DefaultAWSCredentialsProviderChain (AWS SDK for Java - 1.12.638) (amazon.com))
AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
(RECOMMENDED since they are recognized by all the AWS SDKs and CLI except for .NET), or AWS_ACCESS_KEY
and AWS_SECRET_KEY
(only recognized by Java SDK)
However Mendix only supports one of them when configuring S3 as a storage (Runtime Customization | Mendix Documentation). Is there a plan to support other ways in the future?
Hi Arnaud,
With the Amazon S3 Connector from the marketplace, together with the AWS Authentication Connector, you can use temporary/session credentials to store and read files from S3.
There is a blogpost "Securely Connect with the AWS Authentication Connector", that describes how to set this up.
Does this help you with your question/request?
Kind regards,
Emiel Paasschens
Hi Emiel,
I'm afraid it does not answer my question. I think the AWS S3 connector works quite well and does well support short-lived tokens.
The issue is that it is not linked with the S3 Storage Runtime Customization | Mendix Documentation. It seems that Mendix has its own specific parameters regarding the configuration of an S3 bucket as its storage system instead of the filesystem and it is unfortunately completely separate from the AWS S3 connector module you are referring to.
Regards,
Arnaud