Amazon Web Services S3 Maven Wagon Support

Maven wagon support for s3:// urls

License

License

Categories

Categories

AWS Container PaaS Providers Maven Build Tools
GroupId

GroupId

com.vortexa
ArtifactId

ArtifactId

aws-maven
Last Version

Last Version

0.1.5
Release Date

Release Date

Type

Type

jar
Description

Description

Amazon Web Services S3 Maven Wagon Support
Maven wagon support for s3:// urls
Project URL

Project URL

https://github.com/VorTECHsa/aws-maven
Project Organization

Project Organization

Vortexa Ltd
Source Code Management

Source Code Management

https://github.com/VorTECHsa/aws-maven

Download aws-maven

How to add to project

<!-- https://jarcasting.com/artifacts/com.vortexa/aws-maven/ -->
<dependency>
    <groupId>com.vortexa</groupId>
    <artifactId>aws-maven</artifactId>
    <version>0.1.5</version>
</dependency>
// https://jarcasting.com/artifacts/com.vortexa/aws-maven/
implementation 'com.vortexa:aws-maven:0.1.5'
// https://jarcasting.com/artifacts/com.vortexa/aws-maven/
implementation ("com.vortexa:aws-maven:0.1.5")
'com.vortexa:aws-maven:jar:0.1.5'
<dependency org="com.vortexa" name="aws-maven" rev="0.1.5">
  <artifact name="aws-maven" type="jar" />
</dependency>
@Grapes(
@Grab(group='com.vortexa', module='aws-maven', version='0.1.5')
)
libraryDependencies += "com.vortexa" % "aws-maven" % "0.1.5"
[com.vortexa/aws-maven "0.1.5"]

Dependencies

compile (4)

Group / Artifact Type Version
ch.qos.logback : logback-classic jar 1.1.1
com.amazonaws : aws-java-sdk jar 1.11.534
org.slf4j : jcl-over-slf4j jar 1.7.6
org.slf4j : slf4j-api jar 1.7.6

provided (1)

Group / Artifact Type Version
org.apache.maven.wagon : wagon-provider-api jar 2.6

test (2)

Group / Artifact Type Version
junit : junit jar 4.11
org.mockito : mockito-core jar 1.9.5

Project Modules

There are no modules declared in this project.

AWS Maven Wagon

This project is a Maven Wagon for Amazon S3.

It is a fork of the original Spring Build project, adapted to support session tokens.

In order to publish artifacts to an S3 bucket, the user (as identified by their access key) must be listed as an owner on the bucket.

Usage

To publish Maven artifacts to S3 a build extension must be defined in a project's pom.xml. The latest version of the wagon can be found on the aws-maven page in Nexus.

<project>
  ...
  <build>
    ...
    <extensions>
      ...
      <extension>
        <groupId>com.vortexa</groupId>
        <artifactId>aws-maven</artifactId>
        <version>0.1.4</version>
      </extension>
      ...
    </extensions>
    ...
  </build>
  ...
</project>

Once the build extension is configured distribution management repositories can be defined in the pom.xml with an s3:// scheme.

<project>
  ...
  <distributionManagement>
    <repository>
      <id>aws-release</id>
      <name>AWS Release Repository</name>
      <url>s3://<BUCKET>/release</url>
    </repository>
    <snapshotRepository>
      <id>aws-snapshot</id>
      <name>AWS Snapshot Repository</name>
      <url>s3://<BUCKET>/snapshot</url>
    </snapshotRepository>
  </distributionManagement>
  ...
</project>

The code looks for the following three environment variables:

  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_SESSION_TOKEN

If all three are found, they are used for authentication. If not, settings.xml comes into play.

The ~/.m2/settings.xml must be updated to include access and secret keys for the account when not using environment-variable based session authentication.

The access key should be used to populate the username element, and the secret access key should be used to populate the password element.

<settings>
  ...
  <servers>
    ...
    <server>
      <id>aws-release</id>
      <username>0123456789ABCDEFGHIJ</username>
      <password>0123456789abcdefghijklmnopqrstuvwxyzABCD</password>
    </server>
    <server>
      <id>aws-snapshot</id>
      <username>0123456789ABCDEFGHIJ</username>
      <password>0123456789abcdefghijklmnopqrstuvwxyzABCD</password>
    </server>
    ...
  </servers>
  ...
</settings>

Alternatively, the access and secret keys for the account can be provided using

Making Artifacts Public

This wagon doesn't set an explict ACL for each artfact that is uploaded. Instead you should create an AWS Bucket Policy to set permissions on objects. A bucket policy can be set in the AWS Console and can be generated using the AWS Policy Generator.

In order to make the contents of a bucket public you need to add statements with the following details to your policy:

Effect Principal Action Amazon Resource Name (ARN)
Allow * ListBucket arn:aws:s3:::<BUCKET>
Allow * GetObject arn:aws:s3:::<BUCKET>/*

If your policy is setup properly it should look something like:

{
  "Id": "Policy1397027253868",
  "Statement": [
    {
      "Sid": "Stmt1397027243665",
      "Action": [
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::<BUCKET>",
      "Principal": {
        "AWS": [
          "*"
        ]
      }
    },
    {
      "Sid": "Stmt1397027177153",
      "Action": [
        "s3:GetObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::<BUCKET>/*",
      "Principal": {
        "AWS": [
          "*"
        ]
      }
    }
  ]
}

If you prefer to use the command line, you can use the following script to make the contents of a bucket public:

BUCKET=<BUCKET>
TIMESTAMP=$(date +%Y%m%d%H%M)
POLICY=$(cat<<EOF
{
  "Id": "public-read-policy-$TIMESTAMP",
  "Statement": [
    {
      "Sid": "list-bucket-$TIMESTAMP",
      "Action": [
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::$BUCKET",
      "Principal": {
        "AWS": [
          "*"
        ]
      }
    },
    {
      "Sid": "get-object-$TIMESTAMP",
      "Action": [
        "s3:GetObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::$BUCKET/*",
      "Principal": {
        "AWS": [
          "*"
        ]
      }
    }
  ]
}
EOF
)

aws s3api put-bucket-policy --bucket $BUCKET --policy "$POLICY"
com.vortexa

Vortexa

Versions

Version
0.1.5
0.1.4
0.1.3
0.1.2