micro-osd.sh: Clarify the suspicion around S3 credentials

It's unusual to put any kind of credentials out in open. The set of credentials defined with `S3_ACCESS_KEY` and `S3_SECRET_KEY` variables in the script are questionable in its nature. But these are not real/valid credential values in any form for AWS rather used for testing the S3 compatible API from Ceph RGW. Therefore clarify the intention and replace with sample values from official AWS documentation. Signed-off-by: Anoop C S <anoopcs@cryptolab.net>
2023-12-08 11:30:26 +05:30 · 2023-12-08 11:30:26 +05:30 · 09d81f5bb3
parent 7a733111f2
commit 09d81f5bb3
4 changed files with 14 additions and 9 deletions
--- a/micro-osd.sh
+++ b/micro-osd.sh
@ -39,10 +39,15 @@ MON_NAME="a"
 MGR_NAME="x"
 MIRROR_ID="m"
 RGW_ID="r"
-S3_ACCESS_KEY=2262XNX11FZRR44XWIRD
-S3_SECRET_KEY=rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw
-HOST_IP=$(getent ahostsv4 "${HOSTNAME}" | grep STREAM | head -n 1 | awk '{print $1}')

+# Following are examples for S3 credentials taken from official AWS docs:
+# https://docs.aws.amazon.com/IAM/latest/UserGuide/security-creds.html#access-keys-and-secret-access-keys
+# These does not represent real/valid credentials for AWS in any form.
+# They are exclusively used for testing S3 compatible API from Ceph RGW.
+S3_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE
+S3_SECRET_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+
+HOST_IP=$(getent ahostsv4 "${HOSTNAME}" | grep STREAM | head -n 1 | awk '{print $1}')
 FSID="$(uuidgen)"
 export CEPH_CONF=${DIR}/ceph.conf

--- a/rgw/admin/README.md
+++ b/rgw/admin/README.md
@ -3,7 +3,7 @@
 You must create an admin user like so:

 ```
-radosgw-admin user create --uid admin --display-name "Admin User" --caps "buckets=*;users=*;usage=read;metadata=read;zone=read --access-key=2262XNX11FZRR44XWIRD --secret-key=rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw
+radosgw-admin user create --uid admin --display-name "Admin User" --caps "buckets=*;users=*;usage=read;metadata=read;zone=read --access-key=AKIAIOSFODNN7EXAMPLE --secret-key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
 ```

 Then use the `access_key` and `secret_key` for authentication.
@ -19,7 +19,7 @@ import (

 func main() {
    // Generate a connection object
-    co, err := admin.New("http://192.168.1.1", "2262XNX11FZRR44XWIRD", "rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw", nil)
+    co, err := admin.New("http://192.168.1.1", "AKIAIOSFODNN7EXAMPLE", "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", nil)
    if err != nil {
        panic(err)
    }
--- a/rgw/admin/radosgw_test.go
+++ b/rgw/admin/radosgw_test.go
@ -114,8 +114,8 @@ func (s *S3Agent) createBucket(name string) error {
 }

 func (suite *RadosGWTestSuite) SetupConnection() {
-	suite.accessKey = "2262XNX11FZRR44XWIRD"
-	suite.secretKey = "rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw"
+	suite.accessKey = "AKIAIOSFODNN7EXAMPLE"
+	suite.secretKey = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
 	hostname := os.Getenv("HOSTNAME")
 	endpoint := hostname
 	if hostname != "test_ceph_aio" {
--- a/rgw/admin/user_test.go
+++ b/rgw/admin/user_test.go
@ -45,8 +45,8 @@ var (
  "keys": [
    {
      "user": "dashboard-admin",
-      "access_key": "4WD1FGM5PXKLC97YC0SZ",
-      "secret_key": "YSaT5bEcJTjBJCDG5yvr2NhGQ9xzoTIg8B1gQHa3"
+      "access_key": "AKIAIOSFODNN7EXAMPLE",
+      "secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
    }
  ],
  "swift_keys": [