AWS credentials through metadata service or boto auto-detection #105
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…Allow boto auto-detection (using a `credentials` file, etc.) with spacer config values of `None`. The previous code claimed to allow auto-detection with `None`, but it actually raised a ConfigError in that case instead of allowing auto-detection to happen.
|
Looks good to me. Closes #104 |
This is what the modern boto API calls it, and 'connection' is a little semantically misleading when it doesn't actually 'connect' (i.e. use credentials to access anything) right away.
|
Thanks. I just renamed I'll address the CI failing check in another PR; looks to be related to numpy 2.x being allowed by the package requirements. After that I'll release a new pyspacer version, and let me know if any other issues arise. For example, I don't know what it looks like when an STS-retrieved resource expires (I assume that is something that happens eventually). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Metadata service (STS): This is like PR Allow using AWS metadata service when available. #104 from @michaelconnor00 with the addition of catching
botocore.exceptions.NoCredentialsError, which gets raised when credentials can't be obtained this way.Boto auto-detection: After having another overall look at
get_s3_conn(), I noticed that the comment ofdidn't actually hold, because the spacer code would raise a
ConfigErrorif spacer-config credentials were None. I decided to just remove that check that would lead to the ConfigError. The check additionally seemed a bit misleading anyway, because it's no guarantee of having valid credentials; theboto3.resource()call doesn't actually use the credentials right away. You'll only know if they're valid credentials when the resource (or 'connection', as we currently call it) is actually used to access an S3 bucket or object for the first time.Will take another look at this later to make sure I didn't miss something else.