Dependencies

• Project and environment - You need to have an existing project and cloud environment. You can create these in the Metaplay Portal.
• Metaplay CLI - You need to have the Metaplay CLI installed.
• AWS CLI - You need to have the AWS CLI installed.

Overview

Although Metaplay Cloud is a fully managed cloud platform where we take care of managing the underlying cloud resources, in some cases you might still want to talk directly to the AWS resources. We provide you with limited access to a selection of AWS resources by offering tailored credentials.

For example, you may need to access things like the S3 object storage bucket to manage files that the game server might be interacting with, or the CloudFront content delivery network distribution when you want to invalidate certain cached objects, and so on.

Metaplay Cloud only

This page is only relevant for projects hosted on the Metaplay Cloud. If you are on a private cloud plan, please visit the Introduction to Metaplay Cloud Infrastructure section for more details on self-hosted resources.

Get Kubernetes Credentials

To access the Kubernetes cluster directly, you need a kubeconfig.yaml file. You can generate the file with:

export KUBECONFIG=/path/to/my-kubeconfig
metaplay get kubeconfig lovely-wombats-build-quickly --output $KUBECONFIG

With a valid kubeconfig.yaml, you can access Kubernetes resources associated with your environment directly:

# List the server pods
kubectl get pods -l app=metaplay-server

# Get logs for a pod (-f to follow)
kubectl logs <pod-name> -f

# List Helm deployments, i.e., the game server and possibly load tests
helm ls

Metaplay CLI and AWS

To get the AWS credentials to access the resources directly:

metaplay get aws-credentials lovely-wombats-build-quickly

The aws tool allows you to define profiles for environments you can connect to. The configuration structure of the profiles is flexible and allows you to obtain the credentials from another external process, making it possible to automate the process of connecting to the environments.

Let's configure aws tool to use the credentials from the Metaplay CLI. We do this by adding a profile to the aws config file (typically under ~/.aws/config). Here's how we could define a profile for the lovely-wombats-build-quickly environment:

~/.aws/config

[profile lovely-wombats-build-quickly-admin]
# For Posix (Mac, Linux, etc)
credential_process = metaplay get aws-credentials lovely-wombats-build-quickly --format=json
# For Windows
credential_process = cmd /C metaplay get aws-credentials lovely-wombats-build-quickly --format=json

After this, we can ensure that we are logged in with metaplay auth login and just use the pre-defined profile when making calls to the aws tool:

$ metaplay auth login
$ aws sts get-caller-identity --profile lovely-wombats-build-quickly-admin
{
    "UserId": "AXXXXXXXXXXXXXXXXXXXX:stackapi",
    "Account": "000000000000",
    "Arn": "arn:aws:sts::000000000000:assumed-role/metaplay-p1-lovely-wombats-build-quickly-gameserver-admin/stackapi"
}

This is just a simple example of how to use the credentials. Please have a read through the AWS CLI documentation for more information on how the aws tool can be used.