Merge pull request #3876 from MichaelEischer/document-aws-session-token

doc: document aws session token
2022-08-24 22:20:26 +02:00 · 2022-08-24 22:20:26 +02:00 · b4ae05627f
parent bd7bca2b51 b6c86ababe
commit b4ae05627f
2 changed files with 4 additions and 0 deletions
--- a/doc/030_preparing_a_new_repo.rst
+++ b/doc/030_preparing_a_new_repo.rst
@ -254,6 +254,9 @@ parameter like ``-o s3.region="us-east-1"``. If the region is not specified,
 the default region is used. Afterwards, the S3 server (at least for AWS,
 ``s3.amazonaws.com``) will redirect restic to the correct endpoint.

+When using temporary credentials make sure to include the session token via
+then environment variable ``AWS_SESSION_TOKEN``.
+
 Until version 0.8.0, restic used a default prefix of ``restic``, so the files
 in the bucket were placed in a directory named ``restic``. If you want to
 access a repository created with an older version of restic, specify the path
--- a/doc/040_backup.rst
+++ b/doc/040_backup.rst
@ -560,6 +560,7 @@ environment variables. The following lists these environment variables:

    AWS_ACCESS_KEY_ID                   Amazon S3 access key ID
    AWS_SECRET_ACCESS_KEY               Amazon S3 secret access key
+    AWS_SESSION_TOKEN                   Amazon S3 temporary session token
    AWS_DEFAULT_REGION                  Amazon S3 default region
    AWS_PROFILE                         Amazon credentials profile (alternative to specifying key and region)
    AWS_SHARED_CREDENTIALS_FILE         Location of the AWS CLI shared credentials file (default: ~/.aws/credentials)