diff --git a/docs/versioned/eventing/sinks/integration-sink/aws_s3.md b/docs/versioned/eventing/sinks/integration-sink/aws_s3.md index 6f791eabaf2..c8640b67ebf 100644 --- a/docs/versioned/eventing/sinks/integration-sink/aws_s3.md +++ b/docs/versioned/eventing/sinks/integration-sink/aws_s3.md @@ -11,11 +11,30 @@ The `IntegrationSink` supports the Amazon Web Services (AWS) S3 service, through ## Amazon credentials -For connecting to AWS the `IntegrationSink` uses Kubernetes `Secret`, present in the namespace of the resource. The `Secret` can be created like: +There are two options for authenticating to AWS. + +### Access key and secret + +To use an IAM User access key and secret, create a Kubernetes `Secret` in the namespace of the resource. The `Secret` can be created like: ```bash kubectl -n create secret generic my-secret --from-literal=aws.accessKey= --from-literal=aws.secretKey= ``` +Then in the `IntegrationSink` `.spec.aws.auth` section reference the `Secret` like this: +```yaml + auth: + secret: + ref: + name: "my-secret" +``` + +### Pod Default Credentials + +If you are using [IAM Role for Service Accounts](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) or [Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html), you can create a Kubernetes `ServiceAccount` and associate it with an AWS IAM role. Then in the `IntegrationSink` `.spec.aws.auth` section specify the name of the `ServiceAccount`. This will assign the `ServiceAccount` to the `Deployment` resource created for the `IntegrationSink`. +```yaml + auth: + serviceAccountName: "my-service-account" +``` ## AWS S3 Sink Example diff --git a/docs/versioned/eventing/sinks/integration-sink/aws_sns.md b/docs/versioned/eventing/sinks/integration-sink/aws_sns.md index 02d99b47b29..57705e11cfb 100644 --- a/docs/versioned/eventing/sinks/integration-sink/aws_sns.md +++ b/docs/versioned/eventing/sinks/integration-sink/aws_sns.md @@ -11,11 +11,30 @@ The `IntegrationSink` supports the Amazon Web Services (AWS) Simple Notification ## Amazon credentials -For connecting to AWS the `IntegrationSink` uses Kubernetes `Secret`, present in the namespace of the resource. The `Secret` can be created like: +There are two options for authenticating to AWS. + +### Access key and secret + +To use an IAM User access key and secret, create a Kubernetes `Secret` in the namespace of the resource. The `Secret` can be created like: ```bash kubectl -n create secret generic my-secret --from-literal=aws.accessKey= --from-literal=aws.secretKey= ``` +Then in the `IntegrationSink` `.spec.aws.auth` section reference the `Secret` like this: +```yaml + auth: + secret: + ref: + name: "my-secret" +``` + +### Pod Default Credentials + +If you are using [IAM Role for Service Accounts](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) or [Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html), you can create a Kubernetes `ServiceAccount` and associate it with an AWS IAM role. Then in the `IntegrationSink` `.spec.aws.auth` section specify the name of the `ServiceAccount`. This will assign the `ServiceAccount` to the `Deployment` resource created for the `IntegrationSink`. +```yaml + auth: + serviceAccountName: "my-service-account" +``` ## AWS SNS Sink Example @@ -37,6 +56,6 @@ Below is an `IntegrationSink` to send data to AWS SNS: ref: name: "my-secret" ``` -Inside of the `aws.sns` object we define the name of the topic (or _arn_) and its region. The credentials for the AWS service are referenced from the `my-secret` Kubernetes `Secret` +Inside of the `aws.sns` object we define the name of the topic (or _arn_) and its region. The credentials for the AWS service are referenced from the `my-secret` Kubernetes `Secret` More details about the Apache Camel Kamelet [aws-sns-sink](https://camel.apache.org/camel-kamelets/latest/aws-sns-sink.html). diff --git a/docs/versioned/eventing/sinks/integration-sink/aws_sqs.md b/docs/versioned/eventing/sinks/integration-sink/aws_sqs.md index 5744cee4c64..393bf3f7193 100644 --- a/docs/versioned/eventing/sinks/integration-sink/aws_sqs.md +++ b/docs/versioned/eventing/sinks/integration-sink/aws_sqs.md @@ -11,11 +11,30 @@ The `IntegrationSink` supports the Amazon Web Services (AWS) Simple Queue Servic ## Amazon credentials -For connecting to AWS the `IntegrationSink` uses Kubernetes `Secret`, present in the namespace of the resource. The `Secret` can be created like: +There are two options for authenticating to AWS. + +### Access key and secret + +To use an IAM User access key and secret, create a Kubernetes `Secret` in the namespace of the resource. The `Secret` can be created like: ```bash kubectl -n create secret generic my-secret --from-literal=aws.accessKey= --from-literal=aws.secretKey= ``` +Then in the `IntegrationSink` `.spec.aws.auth` section reference the `Secret` like this: +```yaml + auth: + secret: + ref: + name: "my-secret" +``` + +### Pod Default Credentials + +If you are using [IAM Role for Service Accounts](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) or [Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html), you can create a Kubernetes `ServiceAccount` and associate it with an AWS IAM role. Then in the `IntegrationSink` `.spec.aws.auth` section specify the name of the `ServiceAccount`. This will assign the `ServiceAccount` to the `Deployment` resource created for the `IntegrationSink`. +```yaml + auth: + serviceAccountName: "my-service-account" +``` ## AWS SQS Sink Example @@ -37,6 +56,6 @@ Below is an `IntegrationSink` to send data to AWS SQS: ref: name: "my-secret" ``` -Inside of the `aws.sqs` object we define the name of the queue (or _arn_) and its region. The credentials for the AWS service are referenced from the `my-secret` Kubernetes `Secret` +Inside of the `aws.sqs` object we define the name of the queue (or _arn_) and its region. The credentials for the AWS service are referenced from the `my-secret` Kubernetes `Secret` More details about the Apache Camel Kamelet [aws-sqs-sink](https://camel.apache.org/camel-kamelets/latest/aws-sqs-sink.html). diff --git a/docs/versioned/eventing/sources/integration-source/aws_ddbstreams.md b/docs/versioned/eventing/sources/integration-source/aws_ddbstreams.md index 6bf3345f63a..0884c9b89f2 100644 --- a/docs/versioned/eventing/sources/integration-source/aws_ddbstreams.md +++ b/docs/versioned/eventing/sources/integration-source/aws_ddbstreams.md @@ -11,11 +11,30 @@ The `IntegrationSource` supports the Amazon Web Services (AWS) DynamoDB Streams ## Amazon credentials -For connecting to AWS the `IntegrationSource` uses Kubernetes `Secret`, present in the namespace of the resource. The `Secret` can be created like: +There are two options for authenticating to AWS. + +### Access key and secret + +To use an IAM User access key and secret, create a Kubernetes `Secret` in the namespace of the resource. The `Secret` can be created like: ```bash kubectl -n create secret generic my-secret --from-literal=aws.accessKey= --from-literal=aws.secretKey= ``` +Then in the `IntegrationSource` `.spec.aws.auth` section reference the `Secret` like this: +```yaml + auth: + secret: + ref: + name: "my-secret" +``` + +### Pod Default Credentials + +If you are using [IAM Role for Service Accounts](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) or [Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html), you can create a Kubernetes `ServiceAccount` and associate it with an AWS IAM role. Then in the `IntegrationSource` `.spec.aws.auth` section specify the name of the `ServiceAccount`. This will assign the `ServiceAccount` to the `Deployment` resource created for the `IntegrationSource`. +```yaml + auth: + serviceAccountName: "my-service-account" +``` ## AWS DynamoDB Streams Example diff --git a/docs/versioned/eventing/sources/integration-source/aws_s3.md b/docs/versioned/eventing/sources/integration-source/aws_s3.md index c72fa36a4ed..2d45cff95eb 100644 --- a/docs/versioned/eventing/sources/integration-source/aws_s3.md +++ b/docs/versioned/eventing/sources/integration-source/aws_s3.md @@ -11,11 +11,30 @@ The `IntegrationSource` supports the Amazon Web Services (AWS) S3 service, throu ## Amazon credentials -For connecting to AWS the `IntegrationSource` uses Kubernetes `Secret`, present in the namespace of the resource. The `Secret` can be created like: +There are two options for authenticating to AWS. + +### Access key and secret + +To use an IAM User access key and secret, create a Kubernetes `Secret` in the namespace of the resource. The `Secret` can be created like: ```bash kubectl -n create secret generic my-secret --from-literal=aws.accessKey= --from-literal=aws.secretKey= ``` +Then in the `IntegrationSource` `.spec.aws.auth` section reference the `Secret` like this: +```yaml + auth: + secret: + ref: + name: "my-secret" +``` + +### Pod Default Credentials + +If you are using [IAM Role for Service Accounts](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) or [Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html), you can create a Kubernetes `ServiceAccount` and associate it with an AWS IAM role. Then in the `IntegrationSource` `.spec.aws.auth` section specify the name of the `ServiceAccount`. This will assign the `ServiceAccount` to the `Deployment` resource created for the `IntegrationSource`. +```yaml + auth: + serviceAccountName: "my-service-account" +``` ## AWS S3 Source Example diff --git a/docs/versioned/eventing/sources/integration-source/aws_sqs.md b/docs/versioned/eventing/sources/integration-source/aws_sqs.md index 9ffb5062afb..e695f6e40d2 100644 --- a/docs/versioned/eventing/sources/integration-source/aws_sqs.md +++ b/docs/versioned/eventing/sources/integration-source/aws_sqs.md @@ -11,11 +11,30 @@ The `IntegrationSource` supports the Amazon Web Services (AWS) Simple Queue Serv ## Amazon credentials -For connecting to AWS the `IntegrationSource` uses Kubernetes `Secret`, present in the namespace of the resource. The `Secret` can be created like: +There are two options for authenticating to AWS. + +### Access key and secret + +To use an IAM User access key and secret, create a Kubernetes `Secret` in the namespace of the resource. The `Secret` can be created like: ```bash kubectl -n create secret generic my-secret --from-literal=aws.accessKey= --from-literal=aws.secretKey= ``` +Then in the `IntegrationSource` `.spec.aws.auth` section reference the `Secret` like this: +```yaml + auth: + secret: + ref: + name: "my-secret" +``` + +### Pod Default Credentials + +If you are using [IAM Role for Service Accounts](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html) or [Pod Identity](https://docs.aws.amazon.com/eks/latest/userguide/pod-identities.html), you can create a Kubernetes `ServiceAccount` and associate it with an AWS IAM role. Then in the `IntegrationSource` `.spec.aws.auth` section specify the name of the `ServiceAccount`. This will assign the `ServiceAccount` to the `Deployment` resource created for the `IntegrationSource`. +```yaml + auth: + serviceAccountName: "my-service-account" +``` ## AWS SQS Source Example @@ -35,13 +54,13 @@ Below is an `IntegrationSource` to receive data from AWS SQS. auth: secret: ref: - name: "my-secret" + name: "my-secret" sink: ref: apiVersion: eventing.knative.dev/v1 kind: Broker name: default ``` -Inside of the `aws.sqs` object we define the name of the queue (or _arn_) and its region. The credentials for the AWS service are referenced from the `my-secret` Kubernetes `Secret` +Inside of the `aws.sqs` object we define the name of the queue (or _arn_) and its region. The credentials for the AWS service are referenced from the `my-secret` Kubernetes `Secret` More details about the Apache Camel Kamelet [aws-sqs-source](https://camel.apache.org/camel-kamelets/latest/aws-sqs-source.html).