From 3c795ed19cbc123719dd37315c5baa076557797a Mon Sep 17 00:00:00 2001 From: Fernando Barbosa Date: Thu, 18 Jan 2018 09:35:36 -0200 Subject: [PATCH] Rm aws keys verification to allow for iam roles Remove the validation of aws credentials, since this was blocking the use of IAM roles for authentication. --- aws.go | 8 +++++++- plugin.go | 4 ++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/aws.go b/aws.go index 1f73899..cf07362 100644 --- a/aws.go +++ b/aws.go @@ -28,8 +28,8 @@ type AWS struct { } func NewAWS(p *Plugin) AWS { + sessCfg := &aws.Config{ - Credentials: credentials.NewStaticCredentials(p.Key, p.Secret, ""), S3ForcePathStyle: aws.Bool(p.PathStyle), Region: aws.String(p.Region), } @@ -38,6 +38,12 @@ func NewAWS(p *Plugin) AWS { sessCfg.Endpoint = &p.Endpoint sessCfg.DisableSSL = aws.Bool(strings.HasPrefix(p.Endpoint, "http://")) } + + // allowing to use the instance role or provide a key and secret + if p.Key != "" && p.Secret != "" { + sessCfg.Credentials = credentials.NewStaticCredentials(p.Key, p.Secret, "") + } + sess := session.New(sessCfg) c := s3.New(sess) diff --git a/plugin.go b/plugin.go index d0040ee..fd590c1 100644 --- a/plugin.go +++ b/plugin.go @@ -43,7 +43,7 @@ type result struct { err error } -var MissingAwsValuesMessage = "Must set access_key, secret_key, and bucket" +var MissingAwsValuesMessage = "Must set 'bucket'" func (p *Plugin) Exec() error { err := p.sanitizeInputs() @@ -62,7 +62,7 @@ func (p *Plugin) Exec() error { } func (p *Plugin) sanitizeInputs() error { - if len(p.Key) == 0 || len(p.Secret) == 0 || len(p.Bucket) == 0 { + if len(p.Bucket) == 0 { return errors.New(MissingAwsValuesMessage) }