search

jschneier / django-storages

https://django-storages.readthedocs.io/
BSD 3-Clause "New" or "Revised" License
2.74k stars 859 forks source link

S3Storage - pull AWS_SESSION_TOKEN from environment #1398

Closed samdoolin closed 5 months ago

samdoolin commented 5 months ago

S3Storage looks for AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY in settings and in os.environ.

https://github.com/jschneier/django-storages/blob/d84ad923eb14a3406308d0b1512cc3ee25bd8db8/storages/backends/s3.py#L366

However it only looks for AWS_SESSION_TOKEN in settings but not in os.environ.

https://github.com/jschneier/django-storages/blob/d84ad923eb14a3406308d0b1512cc3ee25bd8db8/storages/backends/s3.py#L380

All 3 are used to initialise the the boto3.Session.

https://github.com/jschneier/django-storages/blob/d84ad923eb14a3406308d0b1512cc3ee25bd8db8/storages/backends/s3.py#L457

Please consider allowing security_token to fall back to os.environ as well? Otherwise I need to manually wire AWS_SESSION_TOKEN into settings to avoid url failures (InvalidAccessKeyId). And/or describe how AWS_SESSION_TOKEN is handled in the docs.

Thanks

jschneier commented 5 months ago

Sure, please open a PR

samdoolin commented 5 months ago

does https://github.com/jschneier/django-storages/pull/1399 look ok?