From 6bb1bcce039b5fe34d336fa0cc67074c7ec1a936 Mon Sep 17 00:00:00 2001 From: "denis.uzvik" Date: Sun, 4 Mar 2018 19:26:06 +0200 Subject: [PATCH] Change priority of AWS credential providers to accept AWS_SESSION_TOKEN --- changelog/0.8.3_2018-02-26/pull-1647 | 8 ++++++++ internal/backend/s3/s3.go | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 changelog/0.8.3_2018-02-26/pull-1647 diff --git a/changelog/0.8.3_2018-02-26/pull-1647 b/changelog/0.8.3_2018-02-26/pull-1647 new file mode 100644 index 000000000..63339e6c7 --- /dev/null +++ b/changelog/0.8.3_2018-02-26/pull-1647 @@ -0,0 +1,8 @@ +Enhancement: Change priority of AWS credential providers to accept AWS_SESSION_TOKEN + +Before, it was not possible to use s3 backend with AWS temporary security credentials(with AWS_SESSION_TOKEN). +This change gives higher priority to credentials.EnvAWS credentials provider. + +https://github.com/restic/restic/issues/1477 +https://github.com/restic/restic/pull/1479 +https://github.com/restic/restic/pull/1647 \ No newline at end of file diff --git a/internal/backend/s3/s3.go b/internal/backend/s3/s3.go index d8d4dcdad..05f111562 100644 --- a/internal/backend/s3/s3.go +++ b/internal/backend/s3/s3.go @@ -48,6 +48,7 @@ func open(cfg Config, rt http.RoundTripper) (*Backend, error) { // AWS env variables such as AWS_ACCESS_KEY_ID // Minio env variables such as MINIO_ACCESS_KEY creds := credentials.NewChainCredentials([]credentials.Provider{ + &credentials.EnvAWS{}, &credentials.Static{ Value: credentials.Value{ AccessKeyID: cfg.KeyID, @@ -59,7 +60,6 @@ func open(cfg Config, rt http.RoundTripper) (*Backend, error) { Transport: http.DefaultTransport, }, }, - &credentials.EnvAWS{}, &credentials.EnvMinio{}, }) client, err := minio.NewWithCredentials(cfg.Endpoint, creds, !cfg.UseHTTP, "")