Open toretua opened 1 month ago
Dear Tore,
Can you describe you exact setup in a bit more detail, so I can better understand?
If I understand correctly you don't want to use access keys to access S3, but would rather use an AWS IAM role attached to the server. Is that server an EC2? Or how are you trying to set it up?
Is it enough if I set the S3_ACCESS_KEY_ID
and S3_SECRET_ACCESS_KEY
optional? I think that would solve your problem if you are running it straight on the EC2, but I am unsure if it would be enough if you are running in some other setup.
Please give me as much info as you can about how you are setting it up exactly.
Cheers, Peter
you are correct, the server is an ec2 instance and its role has full access to the bucket. So setting the key/secret to optional would be splendid!
Thanks for quick reply regards Tore
Thank you for your patience! In the latest version (1.4.0) S3 credential environment variables are now optional. I hope this solves your problem. If not please don't hesitate to tell me.
Hi! I see that the docker container now runs without key, but it still cannot push to s3 using its instance role. Seems the code still tries to access providing empty aws key/secret value instead of not having them in the request.
Hi!
Sorry, I didn't get a notification about this comment for some reason. I updated the code so that it will try to use the default AWS environment variables if present. This may solve the issue. Sadly I don't currently have access to an AWS account so I cannot test this.
If you could check if this fixes the problem for you I would be very grateful! (Use the edge
tag for the docker image)
Works when i push a file using curl... have to wait a bit to test with real turbo build
We try to avid access key in server solutions the have better control and not need to rotate keys., In sett up key and secret is required:
# required if provider is s3 S3_BUCKET=turborepo-cache-itsl S3_ACCESS_KEY_ID= S3_SECRET_ACCESS_KEY=
Is there a way to set s3 as storage without using this? the server has access via aws roles, but it seems to fail when i omit key/secretRegards Tore