github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

add snapshot agent docs for new S3 config options

pull/15504/head
Chris Thain 2022-11-21 08:46:57 -08:00
parent f4c3e54b11
commit 6f18c57f5b
1 changed files with 24 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
website/content/commands/snapshot/agent.mdx
View File

@ -170,6 +170,12 @@ Usage: `consul snapshot agent [options]`
"aws_storage": { "aws_storage": {
"access_key_id": "", "access_key_id": "",
"secret_access_key": "", "secret_access_key": "",
"session_token": "",
"iam_endpoint": "",
"role_arn": "",
"role_session_name": "",
"web_identity_token_file": "",
"sts_endpoint": "",
"s3_region": "", "s3_region": "",
"s3_bucket": "", "s3_bucket": "",
"s3_key_prefix": "consul-snapshot", "s3_key_prefix": "consul-snapshot",
@ -265,16 +271,30 @@ if desired.
Note that despite the AWS references, any S3-compatible endpoint can be specified with `-aws-s3-endpoint`. Note that despite the AWS references, any S3-compatible endpoint can be specified with `-aws-s3-endpoint`.
- `-aws-access-key-id` and `-aws-secret-access-key` - These arguments supply - `-aws-access-key-id`, `-aws-secret-access-key` and `-aws-session-token` - These arguments supply static
authentication information for connecting to S3. These may also be supplied using authentication information for connecting to S3. These may also be supplied using
the following alternative methods:<br /> the following alternative methods:<br />
- `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables - `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` and `AWS_SESSION_TOKEN` environment variables
- A credentials file (`~/.aws/credentials` or the file at the path specified by the - A credentials file (`~/.aws/credentials` or the file at the path specified by the
`AWS_SHARED_CREDENTIALS_FILE` environment variable) `AWS_SHARED_CREDENTIALS_FILE` environment variable)
- ECS task role metadata (container-specific) - ECS task role metadata (container-specific)
- EC2 instance role metadata - EC2 instance role metadata
- `-aws-iam-endpoint` - IAM endpoint to use when authenticating with static credentials.
Default is to use the global IAM endpoint.
- `-aws-role-arn`, `-aws-role-session-name`, and `-aws-web-identity-token-file` - These arguments are
used to obtain temporary credentials by assuming an IAM role. These may also be supplied using
the following alternative methods:<br />
- `AWS_ROLE_ARN`, `AWS_ROLE_SESSION_NAME`, and `AWS_WEB_IDENTITY_TOKEN_FILE` environment variables.
- A credentials file (~/.aws/credentials or the file at the path specified by the
`AWS_SHARED_CREDENTIALS_FILE` environment variable)
- `-aws-sts-endpoint` - STS endpoint to use for obtaining temporary credentials.
Default is to use the global STS endpoint.
- `-aws-s3-bucket` - S3 bucket to use. Required for S3 storage, and setting this - `-aws-s3-bucket` - S3 bucket to use. Required for S3 storage, and setting this
disables local storage. This should be only the bucket name without any disables local storage. This should be only the bucket name without any
part of the key prefix. part of the key prefix.
@ -284,8 +304,8 @@ Note that despite the AWS references, any S3-compatible endpoint can be specifie
- `-aws-s3-region` - S3 region to use. Required for S3 storage. - `-aws-s3-region` - S3 region to use. Required for S3 storage.
- `-aws-s3-endpoint` - Optional S3 endpoint to use. Can also be specified using the - `-aws-s3-endpoint` - S3 endpoint to use. Can also be specified using the
AWS_S3_ENDPOINT environment variable. `AWS_S3_ENDPOINT` environment variable. Defaults to the regional S3 endpoint.
- `-aws-s3-server-side-encryption` - Enables saving snapshots to S3 using server side encryption with [Amazon S3-Managed Encryption Keys](http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) - `-aws-s3-server-side-encryption` - Enables saving snapshots to S3 using server side encryption with [Amazon S3-Managed Encryption Keys](http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html)