Burtiraven2/session_redis_public
1
0
Fork 0
mirror of https://github.com/camptocamp/odoo-cloud-platform.git synced 2026-06-24 08:47:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

BSQOQ-647: allow instance profiles authentication

Browse Source 
By dropping the requirement to have `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` envvars set, we can let the more secure IAM instance-profile take over the authentication.

This can be used immediatly on the rancher platform, and NB that this will become a requirement on the kubernetes platform in a couple of weeks.
This commit is contained in:
Marc Fournier
2022-03-24 20:14:25 +01:00
committed by Yann Soubeyrand
co-authored by Yann Soubeyrand
parent 72676c2b7f
commit 80f3b1948e
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
attachment_s3/models/ir_attachment.py
+5 -3
View File
@@ -59,14 +59,16 @@ class IrAttachment(models.Model):
bucket_name = bucket_name.format(db=self.env.cr.dbname) bucket_name = bucket_name.format(db=self.env.cr.dbname)
params = { params = {
'aws_access_key_id': access_key,
'aws_secret_access_key': secret_key,
} }
if access_key:
params['aws_access_key_id'] = access_key
if secret_key:
params['aws_secret_access_key'] = secret_key
if host: if host:
params['endpoint_url'] = host params['endpoint_url'] = host
if region_name: if region_name:
params['region_name'] = region_name params['region_name'] = region_name
if not (access_key and secret_key and bucket_name): if not (bucket_name):
msg = _('If you want to read from the %s S3 bucket, the following ' msg = _('If you want to read from the %s S3 bucket, the following '
'environment variables must be set:\n' 'environment variables must be set:\n'
'* AWS_ACCESS_KEY_ID\n' '* AWS_ACCESS_KEY_ID\n'