Change the save destination of the image to S3 in the Rails app. Part 2

Introduction

This is a continuation from the previous article (https://qiita.com/ysda/items/49fa6e8318c874a57b9e).

Be able to handle AWS keys safely

To prevent the AWS key from being leaked, set the contents of the key in an environment variable. If you don't know the environment variables, google to find out!

AWS key setting

There was a description such as [: access_key_id] and [: secret_access_key] in carrierwave.rb. This is where the preset keys are entered and in Rails 5.2 they are managed in a file called "credentials.yml.enc".

Now let's open credentials.yml.enc in an editor. You should see the encrypted string as shown below. スクリーンショット 2020-07-26 23.23.21.png

Set this so that VS Code can be started from the terminal. In VSCode, press Command + Shift + P at the same time to open the command palette. Then enter "shell". In the menu, the item "Install'code' command in PATH" is displayed. Click it. By doing this, you will be able to start VS Code by typing "code" from the terminal.

Now, let's execute the following command from the terminal. The decrypted credentials.yml.enc should be visible in VS Code and editable.

% EDITOR='code --wait' rails credentials:edit

Let's edit the AWS access_key_id and secret_access_key as follows. dcEU4PX7s6ICcTD1595774207_1595774265.png

master.key settings

credentials.yml.enc decrypts with a file called master.key. However, placing master.key in a production environment poses a security issue. Therefore, let's set the contents of master.key in the environment variable of the production environment.

Log in to your EC2 instance and open the file that sets the environment variables.

sudo vim /etc/environment

Copy the value of "config / master.key" in your local development environment and set it to RAILS_MASTER_KEY in your production environment.

RAILS_MASTER_KEY='master.key value'

Now that you have set the environment variables, log back in to your EC2 instance and check the environment variables with the following command.

env | grep RAILS_MASTER_KEY

Summary

The flow of referencing environment variables is as follows.

  1. Decrypt credentials.yml.enc with master.key in local environment
  2. Edit credentials.yml.enc and set access_key_id and secret_access_key.
  3. Deploy to production environment
  4. Set the contents of master.key to the environment variables of the production environment.
  5. The production environment credentials.yml.enc can be decrypted using environment variables.

With the previous article and the above settings, you should be able to upload images to S3! Perhaps! that's all!

Recommended Posts

Change the save destination of the image to S3 in the Rails app. Part 2
How to change app name in rails
Upload Rails app image file to S3
[Ruby on Rails] Change the save destination of gem refile * Note
[Ruby on Rails] How to make the link destination part of the specified id
[Rails] How to change the column name of the table
[Rails] How to display an image in the view
[Rails] I want to display the link destination of link_to in a separate tab
[Rails] Where to be careful in the description of validation
[Ruby on Rails] I want to get the URL of the image saved in Active Storage
[Rails] How to change the page title of the browser for each page
I want to change the value of Attribute in Selenium of Ruby
Change the default timezone for the rails app
The identity of params [: id] in rails
[Rails] Change the label name of f.label
The process of introducing Vuetify to Rails
Rails6: Extract the image in Action Text
How to change the maximum and maximum number of POST data in Spark
How to change the value of a variable at a breakpoint in intelliJ
[Rails] The cause of not being able to post was in form_with
[Rails] How to apply the CSS used in the main app with Administrate
[Rails + Webpacker] I want to use images of assets! Until you can view the image in Vue.js
[Rails] How to decide the destination by "rails routes"
[Order method] Set the order of data in Rails
[Rails 6] Change redirect destination at the time of new registration / login by devise
[Rails] Button to return to the top of the page
I tried to organize the session in Rails
Procedure to change lower_case_table_names = 1 in MySQL 8.0 of CentOS 8.3
[Rails] Get the path name of the URL before the transition and change the link destination
How to add sound in the app (swift)
[Swift] How to change the order of Bar Items in Tab Bar Controller [Beginner]
Change the timezone of the https-portal container to JST
[Rails5.2] Support for emoji of Mysql 5.7 in Docker (change character code to utf8mb4)
How to use JQuery in js.erb of Rails6
Change the location folder of Docker image & container
How to check Rails commands in the terminal
[rails] After option useful when you want to change the order of DB columns
How to install Docker in the local environment of an existing Rails application [Rails 6 / MySQL 8]
For those who want to use MySQL for the database in the environment construction of Rails6 ~.
[AWS Lambda] Resize the image saved in S3 and save it in another S3 (using Ruby)
Install multiple submit buttons in Rails View to get the value of the pressed button
Library not loaded when trying to upgrade the version of ruby and rails s
The part I was addicted to in "Introduction to Ajax in Java Web Applications" of NetBeans
Get the URL of the HTTP redirect destination in Java
How to set the display time to Japan time in Rails
[Heroku] Associate AWS S3 with the deployed Rails app
[Ruby on Rails] How to change the column name
Review the multilingual support (i18n) of the ios app in 3 minutes
Understand the characteristics of Scala in 5 minutes (Introduction to Scala)
I want to know the answer of the rock-paper-scissors app
[Rails 6] How to set a background image in Rails [CSS]
Change the storage quality of JPEG images in Java
[Rails] How to get the contents of strong parameters
How to judge the click of any area of the image
SSL in the local environment of Docker / Rails / puma
Get the URL of the HTTP redirect destination in Ruby
[Ruby On Rails] How to search and save the data of the parent table from the child table
Changing the debug build signature of the android app to the release signature is useful in many ways.
I want to change the color of the upper control navigation bar (Control menu) in Liferay 7 / DXP
The story of raising Spring Boot from 1.5 series to 2.1 series part2
[Rails] How to temporarily save the request URL of a user who is not logged in and return to that URL after logging in