notea-org / notea

📒 Self hosted note taking app stored on S3
2.08k stars 383 forks source link

Adding support for AWS IAM role credentials #128

Closed andreaswittig closed 2 years ago

andreaswittig commented 2 years ago

Besides using IAM user credentials, AWS automatically injects credentials into most of their services (EC2, Fargate, Lambda, ...). The AWS SDK makes use of these credentials out-of-the-box. However, that mechanism does not work when setting the values manually, as it was the case inside the S3 provider so far.

Therefore, I made the environment variables STORE_ACCESS_KEY and STORE_SECRET_KEY optional. When the S3 client gets created without specific credentials, it will automatically try to access the IAM role credentials when running on an AWS platform like EC2 or Fargate.

By the way, this feature has been requested before. See https://github.com/QingWei-Li/notea/issues/95 for details.

Many thanks to @QingWei-Li for maintaining this amazing project. It is a great example for a slick web application built on S3.

tecc commented 2 years ago

Closing in favour of #143.