allow authenticating to AWS with the EC2 instance role #391
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This changes the credentials provider used to fetch the AWS credentials from EnvironmentProvider (which just looked at environment variables) to DefaultCredentialsProvider, which looks at: 1. Environment variables 2. ~/.aws/credentials 3. EC2 instance roles The old behavior is preserved when the environment variable is present, but this will also allow using EC2 instance roles which are going to be implemented on the production server. A new FORCE_S3 environment variable was also added.
pietroalbini
force-pushed
the
aws-iam-role
branch
from
d03cf47 to
8ee6c6b
Compare
|
Code looks good. I'll probably not have time to test the changes locally for some time but I would loosely recommend that we just merge and deploy since the worst case is a few minutes of downtime as we rebuild after a revert on the server (we can test it without restarting docs.rs in full, too, if we wanted to). |
|
I mean, it should have the same behavior if you don't change the environment variables, right? It seems harmless to deploy in that case, especially if whoever pushes the button watches for issues afterward. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This changes the credentials provider used to fetch the AWS credentials from EnvironmentProvider (which just looked at environment variables) to DefaultCredentialsProvider, which looks at:
~/.aws/credentialsThe old behavior is preserved when the environment variable is present, but this will also allow using EC2 instance roles which are going to be implemented on the production server.
A new FORCE_S3 environment variable was also added.
r? @Mark-Simulacrum