From 5a82a779fdb1bd5610d9d8d28f3d9aeec909a82e Mon Sep 17 00:00:00 2001 From: "Robert T. Brown (-rb)" Date: Sun, 8 Dec 2024 18:41:12 -0500 Subject: [PATCH] Issue 994: Allow EC2 instance profile to grant access to S3 backups, rather than requiring S3 Access/Secret Keys --- management/backup.py | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/management/backup.py b/management/backup.py index c2ef7676..6528c71d 100755 --- a/management/backup.py +++ b/management/backup.py @@ -511,10 +511,15 @@ def list_target_files(config): # connect to the region & bucket try: - s3 = boto3.client('s3', \ - endpoint_url=f'https://{target.hostname}', \ - aws_access_key_id=config['target_user'], \ - aws_secret_access_key=config['target_pass']) + if (config['target_user'] == '') and (config['target_pass'] == ''): + ## User did not specify an S3 Access Key, nor a S3 Secret Access Key. Perhaps using EC2 instance role? + s3 = boto3.client('s3', \ + endpoint_url=f'https://{target.hostname}') + else: + s3 = boto3.client('s3', \ + endpoint_url=f'https://{target.hostname}', \ + aws_access_key_id=config['target_user'], \ + aws_secret_access_key=config['target_pass']) bucket_objects = s3.list_objects_v2(Bucket=bucket, Prefix=path)['Contents'] backup_list = [(key['Key'][len(path):], key['Size']) for key in bucket_objects] except ClientError as e: