Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help

     euca2ools.ini -- configuration for	euca2ools

     euca2ools.ini files are used to configure the euca2ools suite of command
     line tools.  They store the locations of the services for the commands to
     contact, the security credentials to use to authenticate to them, and
     other configuration options as well.

     euca2ools.ini is broken into a number of sections.	 Sections are denoted
     by	section	headers, which consist of section names	surrounded by square
     braces.  Within each section, an option is	set by listing its name, an
     "=" sign, and its value.  For example, the	following enables debugging
     for all commands by setting the "debug" option in the "global" section to

	   debug = true

     Most sections have	user-defined names.  Such a section's name is defined
     by	a second word in its header.  Named sections provide a means of	choos-
     ing different configuration using the command line.  For example, the
     following defines two regions with	different URLs for their EC2 services
     that one can select using the --region command line option:

	   [region us-east-1]
	   ec2-url =

	   [region eu-west-1]
	   ec2-url =

     Named sections can	contain	"*" wildcards, which makes them	act as fall-
     backs when	options	are not	available in sections with more	specific names
     that contain fewer	wildcards.  Sections with more specific	names take
     precedence	over those with	less specific names.  "*" sections function as
     defaults when the value for an option cannot be found anywhere else.

     Named sections can	also be	organized into groups by choosing names	for
     groups and	prepending section names with them, separated by ":" charac-
     ters.  When combined with wildcards, this allows one to specify defaults
     for several sections at once and then override them as needed as in the
     following example:

	   [region aws:*]
	   certificate = /usr/share/euca2ools/certs/cert-ec2.pem
	   verify-ssl =	true

	   [region aws:us-gov-west-1]
	   certificate = /usr/share/euca2ools/certs/cert-ec2-gov.pem

     Finally, options in named sections	may refer to other sections by using
     the use keyword followed by the section name to refer to.	This differs
     from simply duplicating the option	from the other section in that com-
     mands that	are sensitive to the name of the section the option came from,
     such as those that	use AWS	signature version 4, will be able to determine
     which section an option originates	from.

     The --region option provided by most euca2ools commands allows one	to
     control the user section and the region section those commands use	to
     find configuration	data by	supplying it with a user name, a region	name,
     or	both in	one of the following formats:

     +o	 --region REGION
     +o	 --region USER@
     +o	 --region USER@REGION

     The EUCA_DEFAULT_REGION and AWS_DEFAULT_REGION environment	variables work
     the same way, but with lower priority.

   Global section
     The global	section	contains settings that affect all commands.

     debug   When set to true, enable debugging	for all	commands.  When	set to
	     color, enable debugging for all commands and additionally col-
	     orize debug output	based on severity level.

	     The name of the region to use when	no region is otherwise speci-

	     The maximum number	of times commands should retry their requests
	     to	the server before giving up.  The default is 2.

	     The amount	of time, in seconds, to	wait for the server to respond
	     to	requests before	giving up.  The	default	is 30.

   User	section
     A user section contains information that is specific to an	identity in
     the cloud,	usually	an IAM user.

	     The account's 12-digit ID number.

     key-id  The user's	access key ID to use for authentication.  Access key
	     IDs come paired with secret keys; the ID specified	with this op-
	     tion must correspond to the secret	key specified with the
	     secret-key	option.

	     The user's	secret key to use for authentication.  Secret keys
	     come paired with access key IDs; the secret key specified with
	     this option must correspond to the	access key ID specified	with
	     the key-id	option.

	     The file name containing the user's signing certificate.  This is
	     used only by commands that	bundle images:
	     euca-bundle-and-upload-image(1), euca-bundle-image(1),
	     euca-bundle-vol(1), euca-install-image(1),	and

	     The file name containing the private key for the user's signing
	     certificate.  This	is used	only by	commands that bundle and un-
	     bundle images: euca-bundle-and-upload-image(1),
	     euca-bundle-image(1), euca-bundle-vol(1),
	     euca-download-and-unbundle(1), euca-install-image(1),
	     euca-unbundle(1), and euimage-install-pack(1).

   Region section
     A region section contains information that	is specific to a cloud region,
     such as a Eucalyptus installation or an Amazon Web	Services region.

	     The URL to	use to contact the service with	the name SERVICE.  For
	     a list of valid service names, see	euca2ools(7).

     user    The user section to use for this region when no other user	is
	     otherwise specified.

	     The file name containing the cloud's image-bundling certificate.
	     This is used only by commands that	bundle images:
	     euca-bundle-and-upload-image(1), euca-bundle-image(1),
	     euca-bundle-vol(1), euca-install-image(1),	and

	     Force commands that access	the s3 service to use AWS signature
	     version 4.	 The default is	false.

	     The location constraint needed to create buckets in the region's
	     object storage service.

	     Whether or	not to verify the server's SSL certificates.  The de-
	     fault is false.

	     The location of the XSLT stylesheet for
	     euca-create-vpn-connection(1) or euca-describe-vpn-connections(1)
	     to	use to reformat	VPN connection information.  If	the location
	     is	an HTTP	or HTTPS URL it	will be	downloaded as needed.  If it
	     contains "{format}" that will be replaced with the	desired	for-

     Commands that create access keys can format their output in the form of a
     euca2ools.ini file, simplifying the process of distributing access	keys
     and URL information to users.  This can replace the "eucarc" files	gener-
     ated by eucalyptus's `euca_conf --get-credentials'	command.

     euca2ools.ini configuration data are read from files in alphabetical or-
     der in the	following locations:

     1.	  /etc/euca2ools/euca2ools.ini
     2.	  /etc/euca2ools/conf.d/*.ini
     3.	  ~/.euca/*.ini

     In	cases where the	same option is defined in more than one	file, the file
     that appears last in this list will take precedence.


     euca2ools.ini first appeared in euca2ools 3.0.

euca2ools 3.4			 May 12, 2021			 euca2ools 3.4


Want to link to this manual page? Use this URL:

home | help