Authenticates with NASA Earthdata to obtain temporary S3 credentials for accessing NASA Earth observation data stored in S3 buckets. The function performs an OAuth-like authentication flow and automatically sets the required AWS environment variables.
Usage
edl_s3_token(
daac = "https://data.lpdaac.earthdatacloud.nasa.gov",
username = default("user"),
password = default("password"),
prompt_for_netrc = interactive()
)Arguments
- daac
Character string. The base URL for the DAAC (Data Archive Access Center). Defaults to "https://data.lpdaac.earthdatacloud.nasa.gov".
- username
Character string. EarthDataLogin username. Defaults to the value returned by
default("user").- password
Character string. EarthDataLogin password. Defaults to the value returned by
default("password").- prompt_for_netrc
Logical. Often netrc is preferable, so this function will by default prompt the user to switch. Set to FALSE to silence this. Defaults to
interactive().
Value
Invisibly returns a list containing the S3 credentials:
- accessKeyId
AWS access key ID
- secretAccessKey
AWS secret access key
- sessionToken
AWS session token
- expiration
Token expiration time
Details
Note that these S3 credentials will only work:
On AWS instance in the
us-west-2regionOnly for one hour before they expire
Only on the DAAC requested
Please consider using edl_netrc() to avoid these limitations
This function performs a multi-step authentication process:
Requests authorization URL from the credentials endpoint
Posts credentials to get a redirect URL
Follows redirect to set authentication cookies
Makes final request with cookies to obtain S3 credentials
The function automatically sets the following environment variables:
AWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEYAWS_SESSION_TOKEN