From 77579bb4f1600e967590fb0d17cb25ff757dc0f2 Mon Sep 17 00:00:00 2001 From: Michael Fowler Date: Mon, 17 Jun 2024 22:15:15 +1200 Subject: [PATCH] fix: Use the default credential strategy in S3Client construction (#7061) By omitting this option, we fall back to the hierarchy used by S3Client by default. When defined, the provider chain will use the values of AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY (and AWS_SESSION_TOKEN); in their absence, the provider chain can retrieve credentials from a range of other sources, including e.g. ECS credentials. Although there are no longer any application reads from `env.AWS_ACCESS_KEY_ID` and `env.AWS_SECRET_ACCESS_KEY`, they continue to serve a useful documentary role. --- server/storage/files/S3Storage.ts | 4 ---- 1 file changed, 4 deletions(-) diff --git a/server/storage/files/S3Storage.ts b/server/storage/files/S3Storage.ts index 0d14b397b..832281aa2 100644 --- a/server/storage/files/S3Storage.ts +++ b/server/storage/files/S3Storage.ts @@ -28,10 +28,6 @@ export default class S3Storage extends BaseStorage { this.client = new S3Client({ bucketEndpoint: env.AWS_S3_ACCELERATE_URL ? true : false, forcePathStyle: env.AWS_S3_FORCE_PATH_STYLE, - credentials: { - accessKeyId: env.AWS_ACCESS_KEY_ID || "", - secretAccessKey: env.AWS_SECRET_ACCESS_KEY || "", - }, region: env.AWS_REGION, endpoint: this.getEndpoint(), });