-
-
Notifications
You must be signed in to change notification settings - Fork 856
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
django-storages support for AWS_SESSION_TOKEN for the boto backend #282
Comments
Fixed by #283. |
There is still an issue here. If |
Have a look at #370 please. |
This still appears to be a problem. I need to be able to set access_key, secret_key and session_token, in order to use S3 Multi-Factor authentication. |
Sooo this is not ideal fix for the issue @jlev (and myself) are experiencing... but i didn't feel like maintaining a fork and it appears that PRs are in a backlog to merge (totally understandable by the way! Maintaining OSS software can be all time-consuming). So anyways I was able to work around this in the current logic with my backend class like so: class MediaStorage(S3Boto3Storage):
access_key = False
secret_key = False |
At time of this commit there are outstanding PRs that will fix the usage of iam roles instead of just regular accounts. See jschneier/django-storages#282. Instead of forking the library with those changes I made a work-around by setting the problematic logic to False. Its a misleading addition since those attributes actually do get sucked in via env vars.
At time of this commit there are outstanding PRs that will fix the usage of iam roles instead of just regular accounts. See jschneier/django-storages#282. Instead of forking the library with those changes I made a work-around by setting the problematic logic to False. Its a misleading addition since those attributes actually do get sucked in via env vars.
At time of this commit there are outstanding PRs that will fix the usage of iam roles instead of just regular accounts. See jschneier/django-storages#282. Instead of forking the library with those changes I made a work-around by setting the problematic logic to False. Its a misleading addition since those attributes actually do get sucked in via env vars.
|
In AWS Lambda, you can assign IAM role to a function, which should describe the permissions allowed for the function.This is placed into the env, via 3 params:
Lambda is using STS, and all 3 must be supplied to the S3Connection object.
Normally, boto would handle this itself, but since we manually create the S3Connection, we need to handle this ourselves. This is achieved by passing security_token=<AWS_SESSION_TOKEN> into the S3Connection object.
Examples
Without the session token
And when using the session token...
The text was updated successfully, but these errors were encountered: