Programmatic Tigris token management?

Is there an API, CLI, SOAP email address, etc to allow code to manage bucket access tokens? It’s not in the Tigris docs or the fly CLI token docs.

Hi AstraLuma - are you referring to access keys or AWS session tokens?

Either? The thing you need to access the Tigris S3 API.

For the first time you have to create/grab the keys manually using

fly storage create

or

fly storage dashboard

or

going straight to the Tigris dashboard at https://console.tigris.dev - later on using AWS SDKs you can create access key

Ok. How do I make a new token through code?

You can use AWS SDK, Here is an example for GoLang

	// Initialize a new AWS session
	sess, err := session.NewSession(&aws.Config{
		Endpoint: aws.String("https://fly.storage.tigris.dev:8009"),
		Region:   aws.String("auto"),
		Credentials: credentials.NewStaticCredentials("<your_access_key_id>",
			"<your_access_key_secret>", ""), // <--- place your credentials here
	})
	if err != nil {
		fmt.Println("Failed to create AWS session:", err)
		return
	}

	// Create a new IAM service client
	iamSvc := iam.New(sess)

	// Create access key
	result, err := iamSvc.CreateAccessKey(&iam.
		CreateAccessKeyInput{UserName: aws.String("test-access-key-name")})
	if err != nil {
		fmt.Println("Failed to create access key:", err)
		return
	}

	// Print the access key details
	fmt.Println("Access Key ID:", *result.AccessKey.AccessKeyId)
	fmt.Println("Secret Access Key:", *result.AccessKey.SecretAccessKey)

with imports

	"fmt"
	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/credentials"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"

Similarly for other languages you can refer to AWS SDKs documents here

Java Manage IAM access keys - AWS SDK for Java 2.x

NodeJS Managing IAM Access Keys - AWS SDK for JavaScript

Similarly you can refer to other languages SDK example usage here Use CreateAccessKey with an AWS SDK or command line tool - AWS Identity and Access Management

Note

  • You still have to create initial one time key as mentioned above
  • The IAM service is served at port 8009 as shown in the example code above

Please do not hesitate to reach out if you have additional question.

Ah ok, thanks!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.