Configuring cloud credentials

Overview

To use FaaSr, you need one of more cloud accounts of two types:

FaaS cloud accounts: this is where your workflows run; these include:
- A GitHub account for GitHub Actions
- An Amazon Web Services (AWS) account for Lambda functions
- An OpenWhisk account, an open-source platform typically used in private clouds
S3 storage accounts: this is where your data is stored; there are several S3 providers to choose from, including:
- An Amazon Web Services (AWS) S3 account
- An Open Storage Network account, available for researchers.
- An account in an open-source Minio-based storage server. Minio is used both in private clouds as well as in commercial clouds. For example, Minio Play is a freely available test environment.

This article overviews how to obtain credentials from cloud services, and how to configure FaaSr to use them.

As with all credentials, treat them like you would passwords - store safely and do not share them with others.

FaaS cloud computing credentials

GitHub

If you don’t already have one, you need to generate a GitHub Personal Access Token (PAT) to configure FaaSr. Details on how to create a PAT are available here

In summary: - In the upper-right corner of any page, click your profile photo, then click Settings. - In the left sidebar, click Developer settings. - In the left sidebar, click Personal access tokens. - Click Generate new token. - In the “Note” field, give your token a descriptive name. - In scopes, select “workflow” and “read:org” (under admin:org) - Copy and paste the token; you will need to save it to the faasr_env file in your computer for use with FaaSr, in this format:

"My_GitHub_Account_TOKEN"="REPLACE_WITH_YOUR_GITHUB_TOKEN"

AWS Lambda

You need an access key and secret key to use Lambda in FaaSr. You can download your access and secret keys from your Amazon AWS console. You will need to save it to the faasr_env file in your computer for use with FaaSr, in this format:

"My_Lambda_Account_ACCESS_KEY"="REPLACE_WITH_YOUR_AWS_LAMBDA_ACCESS_KEY"
"My_Lambda_Account_SECRET_KEY"="REPLACE_WITH_YOUR_AWS_LAMBDA_SECRET_KEY"

OpenWhisk

You need an OpenWhisk ID and secret key from your provider to configure for use in FaaSr. How you obtain those will depend on your cloud provider. You will need to save it to the faasr_env file in your computer for use with FaaSr, in this format (note the colon separating OPENWHISK_ID from SECRET_KEY)

"My_OW_Account_API_KEY"="REPLACE_WITH_YOUR_OPENWHISK_ID:SECRET_KEY"

S3 cloud storage credentials

In general, the credentials you need from your S3 account are the ACCESS_KEY and the SECRET_KEY. These are akin to user names and passwords.

Open Storage Network

For researchers in the US, you can request an allocation of 10+ TB S3 storage. If your request is approved, you will be assigned one S3 bucket, and can use the access and secret keys provided to you for use with FaaSr.

"My_OSN_Bucket_ACCESS_KEY"="REPLACE_WITH_YOUR_ACCESS_KEY"
"My_OSN_Bucket_SECRET_KEY"="REPLACE_WITH_YOUR_SECRET_KEY"

Minio

How credentials are assigned and given to you depends on which entity is managing the Minio service. The important information you need from a Minio service are: the Endpoint (the Internet address of the service), access and secret keys. The Endpoint is configured in the JSON file - which you can generate from the FaaSr-JSON-Builder Shiny app The access and secret keys are configured in your faasr_env file in your RStudio.

For example, for the freely avaialble Minio Play test service, the endpoint is https://play.min.io and the access and secret keys are:

"My_Minio_Bucket_ACCESS_KEY"="Q3AM3UQ867SPQQA43P2F"
"My_Minio_Bucket_SECRET_KEY"="zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG"

AWS S3

You can download your access and secret keys from your Amazon AWS console, for example by following these instructions