From 3c795ed19cbc123719dd37315c5baa076557797a Mon Sep 17 00:00:00 2001
From: Fernando Barbosa <fernando.barbosa@quintoandar.com.br>
Date: Thu, 18 Jan 2018 09:35:36 -0200
Subject: [PATCH] Rm aws keys verification to allow for iam roles

Remove the validation of aws credentials, since this was blocking
the use of IAM roles for authentication.
---
 aws.go    | 8 +++++++-
 plugin.go | 4 ++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/aws.go b/aws.go
index 1f73899..cf07362 100644
--- a/aws.go
+++ b/aws.go
@@ -28,8 +28,8 @@ type AWS struct {
 }
 
 func NewAWS(p *Plugin) AWS {
+
 	sessCfg := &aws.Config{
-		Credentials:      credentials.NewStaticCredentials(p.Key, p.Secret, ""),
 		S3ForcePathStyle: aws.Bool(p.PathStyle),
 		Region:           aws.String(p.Region),
 	}
@@ -38,6 +38,12 @@ func NewAWS(p *Plugin) AWS {
 		sessCfg.Endpoint = &p.Endpoint
 		sessCfg.DisableSSL = aws.Bool(strings.HasPrefix(p.Endpoint, "http://"))
 	}
+
+	// allowing to use the instance role or provide a key and secret
+	if p.Key != "" && p.Secret != "" {
+		sessCfg.Credentials = credentials.NewStaticCredentials(p.Key, p.Secret, "")
+	}
+
 	sess := session.New(sessCfg)
 
 	c := s3.New(sess)
diff --git a/plugin.go b/plugin.go
index d0040ee..fd590c1 100644
--- a/plugin.go
+++ b/plugin.go
@@ -43,7 +43,7 @@ type result struct {
 	err error
 }
 
-var MissingAwsValuesMessage = "Must set access_key, secret_key, and bucket"
+var MissingAwsValuesMessage = "Must set 'bucket'"
 
 func (p *Plugin) Exec() error {
 	err := p.sanitizeInputs()
@@ -62,7 +62,7 @@ func (p *Plugin) Exec() error {
 }
 
 func (p *Plugin) sanitizeInputs() error {
-	if len(p.Key) == 0 || len(p.Secret) == 0 || len(p.Bucket) == 0 {
+	if len(p.Bucket) == 0 {
 		return errors.New(MissingAwsValuesMessage)
 	}