mirror of
https://github.com/cookiecutter/cookiecutter-django.git
synced 2024-11-25 11:04:04 +03:00
Revert environment variables and update docs
This commit is contained in:
parent
39d2000856
commit
5f068dd972
|
@ -42,9 +42,9 @@ You will probably also need to setup the Mail backend, for example by adding a `
|
|||
.. _sentry.io: https://sentry.io/welcome
|
||||
.. _Mailgun: https://mailgun.com
|
||||
|
||||
Create AWS IAM Role for EC2 instance
|
||||
Optional: Use AWS IAM Role for EC2 instance
|
||||
------------------------------------
|
||||
As a security best practice, we don't store `AWS_ACCESS_KEY_ID` AND `AWS_SECRET_ACCESS_KEY` on the server. Instead, in order to authorize Django to access your S3 bucket, you need to create an `IAM role`_ and `attach`_ it to the existing EC2 instance or create a new EC2 instance with that role. This role should assume a minimum permission of `AmazonS3FullAccess`.
|
||||
If you are deploying to AWS, you can use the IAM role to substitute AWS credentials, after which it's safe to remove the `AWS_ACCESS_KEY_ID` AND `AWS_SECRET_ACCESS_KEY` from the `.env`. To do it, create an `IAM role`_ and `attach`_ it to the existing EC2 instance or create a new EC2 instance with that role. The role should assume a minimum permission of `AmazonS3FullAccess`.
|
||||
|
||||
.. _IAM role: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
|
||||
.. _attach: https://aws.amazon.com/blogs/security/easily-replace-or-attach-an-iam-role-to-an-existing-ec2-instance-by-using-the-ec2-console/
|
||||
|
|
|
@ -15,6 +15,8 @@ DJANGO_SECRET_KEY=!!!SET DJANGO_SECRET_KEY!!!
|
|||
DJANGO_ALLOWED_HOSTS=.{{ cookiecutter.domain_name }}
|
||||
|
||||
# AWS Settings
|
||||
DJANGO_AWS_ACCESS_KEY_ID=
|
||||
DJANGO_AWS_SECRET_ACCESS_KEY=
|
||||
DJANGO_AWS_STORAGE_BUCKET_NAME=
|
||||
|
||||
# Used with email
|
||||
|
|
Loading…
Reference in New Issue
Block a user