docs/aws : Add a section that incites to delete the config after 1st …

…boot The configuraton may contains sensitive data. As any subsequent container may be able to access the s3 bucket it is advised to clear it. See #306 Also remove one level in the s3 config title so it appear in the TOC
coreos · Aug 30, 2023 · b4b3b42 · b4b3b42
1 parent 084fb4c
commit b4b3b42
Showing 1 changed file with 31 additions and 4 deletions.
diff --git a/modules/ROOT/pages/provisioning-aws.adoc b/modules/ROOT/pages/provisioning-aws.adoc
@@ -60,7 +60,7 @@ You now should be able to SSH into the instance using the associated IP address.
 ssh core@<ip address>
 ----
 
-==== Remote ignition configuration
+== Remote ignition configuration
 
 As user-data is limited to 16 KB, you may need to use an external source for your ignition configuration.
 A common solution is to upload the config to a S3 bucket, as the following steps show:
@@ -76,8 +76,8 @@ aws s3 mb s3://$NAME-infra
 .Upload the ignition file
 ----
 NAME='instance1'
-USERDATA='/path/to/config.ign' # path to your Ignition config
-aws s3 cp $USERDATA s3://$NAME-infra/bootstrap.ign
+CONFIG='/path/to/config.ign' # path to your Ignition config
+aws s3 cp CONFIG s3://$NAME-infra/bootstrap.ign
 ----
 
 You can verify the file have been correctly uploaded:
@@ -100,4 +100,31 @@ ignition:
       source: s3://instance1-infra/bootstrap.ign
 ----
 
-Then you can launch the instance using the same command as xref:#_customized_example[], passing the minimal configuration you just created.
+Then you can launch the instance using the same command as xref:#_customized_example[], passing the minimal configuration you just created.
+
+Once the first boot is completed, make sure to delete the configuration as it may contain sensitive data.
+See xref:#_configuration_cleanup[].
+
+== Configuration cleanup
+
+Once the instance have completed the first boot, we recommend cleaning up the configuration files.
+Any container running on the instance could be able to read the config, raising security concerns.
+
+[source,bash]
+.Deleting the Ignition configuration from the s3 bucket
+----
+NAME='instance1'
+aws s3 rm CONFIG s3://$NAME-infra/bootstrap.ign
+----
+
+Optionnally, you can delete the whole bucket:
+[source,bash]
+.Deleting the s3 bucket
+----
+NAME='instance1'
+aws s3 rb s3://$NAME-infra
+----
+
+NOTE: The instance's user data cannot be modified without stopping the instance.
+If you need to have secrets in your ignition configuration you should store it into a s3 bucket and have a minimal configuration in user-data.
+Make sure to clear the s3 bucket when the first boot is completed.