From 01996141ad30d6cb1bfddd73b7adcaf7729f7a0f Mon Sep 17 00:00:00 2001
From: Michael Meidlinger <michael@meidlinger.info>
Date: Sun, 16 Feb 2025 21:51:48 +0000
Subject: [PATCH] Allow boto to get S3 credentials for backups from environment
 variables if access key is blank (#2260)

In case that no static AWS credentials are specified, we try to create the boto3 client without explicitly passing static credentials. This way, we can benedit from dynamic credentials in AWS environments (e.g. using EC2 instance roles)
---
 management/backup.py | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/management/backup.py b/management/backup.py
index ac16eade..311db3c3 100755
--- a/management/backup.py
+++ b/management/backup.py
@@ -519,10 +519,13 @@ def list_target_files(config):
 
 		# connect to the region & bucket
 		try:
-			s3 = boto3.client('s3', \
-				endpoint_url=f'https://{target.hostname}', \
-				aws_access_key_id=config['target_user'], \
-				aws_secret_access_key=config['target_pass'])
+			if config['target_user'] == "" and config['target_pass'] == "":
+				s3 = boto3.client('s3', endpoint_url=f'https://{target.hostname}')
+			else:
+				s3 = boto3.client('s3', \
+					endpoint_url=f'https://{target.hostname}', \
+					aws_access_key_id=config['target_user'], \
+					aws_secret_access_key=config['target_pass'])
 			bucket_objects = s3.list_objects_v2(Bucket=bucket, Prefix=path)['Contents']
 			backup_list = [(key['Key'][len(path):], key['Size']) for key in bucket_objects]
 		except ClientError as e: