How can we restrict client apps / IAM users to only have access to certain databases?
The https://docs.datomic.com/cloud/operation/access-control.html article defines the DbName
metavariable at the beginning, but then it's not mentioned afterwards.
It does have a section called Authorize Client Applications
, linking to https://docs.datomic.com/cloud/operation/client-applications.html , but that page doesn't mention DbName
either.
Is it not possible to restrict access to certain dbs or it's just not documented?
i'd like to know this as well. i had started defining a policy to grant access to just certain access keys in the datomic s3 bucket, but in the end gave up (admittedly after not much trial and error)
Has anyone been able to install dev-local on a Windows machine (not WSL or VM)?
Looks like Powershell is particular about .
in args. When you run the mvn commands from ./install
wrap the whole -Dfile arg in quotes (`"-Dfile=…"`)
I was able to get Dev-local running on windows 10, using powershell. I created the .datomic\dev-local.edn file and populated with:
{:storage-dir "C:\\Users\\<COMPUTER NAME>\\dev-local-proj\\storage"}
alternatively you can specify the storage dir which is what is contained in the .datomic folder.
(def client (d/client {:server-type :dev-local
:storage-dir "C:\\Users\\<COMPUTER NAME>\\dev-local-proj\\storage"
:system "dev"}))
Thanks, jaret!
I was able to get Dev-local running on windows 10, using powershell. I created the .datomic\dev-local.edn file and populated with:
{:storage-dir "C:\\Users\\<COMPUTER NAME>\\dev-local-proj\\storage"}
alternatively you can specify the storage dir which is what is contained in the .datomic folder.
(def client (d/client {:server-type :dev-local
:storage-dir "C:\\Users\\<COMPUTER NAME>\\dev-local-proj\\storage"
:system "dev"}))
Same
only just saw this thread, but in case you haven't found an answer yet @souenzzo, can you clarify by what you mean as permissions? user permissions to your api? permissions for your ion to access other AWS services?
i'd like to know this as well. i had started defining a policy to grant access to just certain access keys in the datomic s3 bucket, but in the end gave up (admittedly after not much trial and error)
Thanks, jaret!
How to customize the IAM of the machines created by DatomicCloudCloudFormation template It isn't just "find the the group and add the permission" If you do that (like i did) you will not be able to remove/upgrade the CloudFormation because it will fail