验证
你可以使用 @remotion/lambda 包进行身份验证,方式如下:
🌐 You can authenticate with the @remotion/lambda package either using:
- 指向文件的
REMOTION_AWS_PROFILE或AWS_PROFILE环境变量 REMOTION_AWS_ACCESS_KEY_ID和REMOTION_AWS_SECRET_ACCESS_KEY环境变量AWS_ACCESS_KEY_ID和AWS_SECRET_ACCESS_KEY环境变量
如果你使用 Remotion CLI,位于 .env 文件中的环境变量会被自动获取,但如果使用 Node.JS API,则不会。如果提供了多种方式,Remotion 将按照上述顺序使用,并使用找到的第一个凭证。
🌐 Environment variables sitting in a .env file are automatically picked up if you use the Remotion CLI, but not if you use the Node.JS APIs. If multiple ways are provided, Remotion will use the order above and use the first credentials found.
我们建议使用以 REMOTION_ 为前缀的环境变量变体,因为:
🌐 We recommend using the environment variable variants prefixed with REMOTION_ because:
- 在某些环境中,未加前缀的变体可能是保留的(例如 Vercel 部署)
- 如果使用未加前缀的版本,Remotion 和 AWS CLI 之间可能会产生令人困惑的冲突。
轮换凭证
🌐 Rotating credentials
使用多个 AWS 账户可以作为一种可行的扩展策略,以增加 并发限制。为此,你可以在使用 @remotion/lambda 执行操作之前,为 REMOTION_AWS_ACCESS_KEY_ID 和 REMOTION_AWS_SECRET_ACCESS_KEY 或其他环境变量设置新值。下面是一个实现示例。
🌐 Using more than one AWS account can be a viable scaling strategy to increase the concurrency limit. To do so, you can set new values for the REMOTION_AWS_ACCESS_KEY_ID and REMOTION_AWS_SECRET_ACCESS_KEY or other environment variables before making an operation using @remotion/lambda. Below is an implementation example.
.env# Account 1 AWS_KEY_1=AK... AWS_SECRET_=M/ # Account 2 AWS_KEY_2=AK... AWS_SECRET_2=M/
你需要自己使用 dotenv 包读取 .env 文件。
rotate-credentials.tsconstgetAccountCount = () => { letcount = 0; while (process .env ["AWS_KEY_" + (count + 1)] &&process .env ["AWS_SECRET_" + (count + 1)] ) {count ++; } returncount ; }; constgetRandomAwsAccount = () => { returnMath .ceil (Math .random () *getAccountCount ()); }; constsetEnvForKey = (key : number) => {process .env .REMOTION_AWS_ACCESS_KEY_ID =process .env [`AWS_KEY_${key }`];process .env .REMOTION_AWS_SECRET_ACCESS_KEY =process .env [`AWS_SECRET_${key }`]; }; // Set random account credentialssetEnvForKey (getRandomAwsAccount ());
使用 AWS 配置文件
🌐 Using an AWS profile
从 v3.3.9 起可用
🌐 available from v3.3.9
如果你更喜欢使用 AWS 配置文件,你可以使用它们。配置文件列表位于 macOS 和 Linux 的 ~/.aws/credentials,格式如下:
🌐 If you prefer AWS profile, you may use them. The list of profiles is located at ~/.aws/credentials on macOS and Linux and has the following format:
~/.aws/credentials[default] # ... [remotion] aws_access_key_id = YOUR_ACCESS_KEY_ID aws_secret_access_key = YOUR_SECRET_ACCESS_KEY
在这个示例中,我们添加了一个 remotion 配置文件。现在,通过设置 REMOTION_AWS_PROFILE=remotion,你可以选择该配置文件,而不再需要单独传递每个环境变量。
🌐 In this example, we added a remotion profile. Now, by setting REMOTION_AWS_PROFILE=remotion, you can select the profile and don't need to pass each environment variable separately anymore.
跳过凭证检查v4.0.160
🌐 Skipping the credentials checkv4.0.160
S3 客户端还有其他认证方式,比如通过 EC2 实例元数据。如果你已经设置好了,你可以将 REMOTION_SKIP_AWS_CREDENTIALS_CHECK 环境变量设置为任意值。
🌐 There are other ways the S3 client can authenticate, like from EC2 instance metadata.
If you have set this up, you may set the REMOTION_SKIP_AWS_CREDENTIALS_CHECK environment variable to any value.
process.env.REMOTION_SKIP_AWS_CREDENTIALS_CHECK = "1";Remotion 不会检查凭证,也不会在未设置时抛出错误。 但是,如果配置错误,你仍然可能收到来自 AWS SDK 的错误。 还请阅读关于 缓存客户端 的说明。
🌐 Remotion will not check the credentials and will not throw an error if they are not set.
However, if there is a misconfiguration, you may still get an error from the AWS SDK.
Also read the note about caching clients.
禁用缓存v4.0.160
🌐 Disable cachingv4.0.160
AWS 客户端会被缓存以节省内存并加快初始化速度。 缓存键基于凭证和区域。
🌐 AWS clients are cached to save memory and speed up initialization.
The cache key is based on the credentials and the region.
如果你选择退出 凭证检查,实例将在进程的生命周期内被缓存。
如果你想禁用缓存,请将 REMOTION_SKIP_AWS_CREDENTIALS_CHECK 环境变量设置为任意值。
你很可能不需要设置此值。只有在你在 API 调用之间更改认证方式时才需要设置。
🌐 If you opted out of the credentials check, the instance is cached for the lifetime of the process.
If you want to disable the cache, set the REMOTION_SKIP_AWS_CREDENTIALS_CHECK environment variable to any value.
It's unlikely you need to set this value. This is only if you change the way you authenticate between API calls.
另请参阅
🌐 See also