Role based EC2 access to S3 #1803
Comments
|
@Kami Does it make sense to add support for retrieving keys from instance metadata as a part of the library for every provider where it makes sense? I could review and propose an MR. If you don't want to have it in the library then let me know Thanks! |
|
@Kami Any chance you can provide your input here? |
|
@denyszhak you can try this code to use the credentials from an IAM instance profile on EC2: import boto3
from libcloud.storage.types import Provider
from libcloud.storage.providers import get_driver
session = boto3.Session()
credentials = session.get_credentials().get_frozen_credentials()
cls = get_driver(Provider.S3)
driver = cls(region="region", key=credentials.access_key, secret=credentials.secret_key, token=credentials.token)If you have some long-running operations that use this libcloud driver, you might have to refresh the credentials, though. |
|
Is there a fix for this problem? I know we can use boto3 to get the credentials, but at that point, I might as well use boto3 all the way and remove libcloud, which is not what I want to do. Any suggestions? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Feature Request
The key parameter is required to access S3 using S3StorageDriver
libcloud/libcloud/storage/drivers/s3.py
Line 1224 in 7b3f55a
Can you suggest the usage of your client for role-based EC2 access to S3 or the possibility to add it? (where key and secret are now known well in advance but using STS for temporary access by tokens)
Thanks!
The text was updated successfully, but these errors were encountered: