Credentials Manager for Amazon S3 Storage device
Rather than storing static AWS credentials in the Content Engine, you can use a credentials manager to provide credentials dynamically to both S3 advanced storage devices and S3 fixed content devices.
Credentials manager is a pluggable mechanism by which credentials used by Content Platform Engine can be delivered by custom code. Credentials managers can be used to solve many different problems such as using AWS temporary credentials and automatic rotation of credentials
CMCredentialsManager
The CmCredentialsManager
class in the Content Engine API supports providing dynamic credentials for an
Amazon S3 storage device, and the Content Engine has
implementations of a credentials manager based on EC2 roles for traditional deployments in AWS
cloud, and web identity providers for containerized deployments in AWS cloud.