Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share
menu search
person
editAsk a Question
Welcome To Ask or Share your Answers For Others

Categories

jmeter - Performance Test - Upload dashboards to s3

in Technique[技术] by (71.8m points)

I wanted to upload my JMeter dashboards to s3. The JMeter tests are run in EC2 instances. I would like to use IAM roles instead of an access key to upload the dashboards to s3 for security reasons. I went through this page where files are uploaded using access key using HTTP requests. https://www.blazemeter.com/blog/how-to-handle-dynamic-aws-sigv4-in-jmeter-for-api-testing can the same be achieved through I am roles instead of access key or do I need to import java class to upload files using s3 client, instanceprofilecredentials provider, and processor

question from:https://stackoverflow.com/questions/65889898/performance-test-upload-dashboards-to-s3

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
1.4k views
Welcome To Ask or Share your Answers For Others

1 Answer

by (71.8m points)

Here is something you can try:

  1. Create Role:

    aws iam create-role --role-name <PerfTest-EC2-Role-Name> --assume-role-policy-document '{"Version":"2012-10-17","Statement":[{"Sid":"","Effect":"Allow","Principal":{"Service": "ec2.amazonaws.com"},"Action":"sts:AssumeRole"}]}'

  2. Add Role to EC2 Instance Profile:

    aws iam add-role-to-instance-profile --instance-profile-name <JMeter-EC2-InstanceProfile-ID> --role-name <PerfTest-EC2-Role-Name>

  3. Grant the Role S3 permissions:

    cat << EOF > BucketPolicy.json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadGetObject",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetObject"
            ],
            "Resource": "arn:aws:s3:::<Bucket-Name>/*"
        },
        {
            "Sid": "ServiceRoleWriteObject",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::<Client-ID>:role/<PerfTest-EC2-Role-Name>"
            },
            "Action": [
                "s3:DeleteObject",
                "s3:PutObject"
            ],
            "Resource": "arn:aws:s3:::<Bucket-Name>/*"
        }
    ]
}
EOF

aws s3api put-bucket-policy --bucket <Bucket-Name> --policy file://BucketPolicy.json

If 2. above fails with Cannot exceed quota for InstanceSessionsPerInstanceProfile: 1 you can look at this answer.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share

Just Browsing Browsing

548k questions

547k answers

4 comments

86.3k users

Most popular tags

Theme made by Momin Raza, Modified by Ostack
Powered by Question2Answer
...