Index URLs are generated with x-amz-security-token and don't work
joshma opened this issue · comments
My bucket requires a role to write to, either an assumed role or a server-side role. It looks like the use of these roles, and hence "security-token", causes generate_url to append x-amz-security-token=
to the URLs. (I think it's related to boto/boto#1477)
As a result, all the index.html links are something like Azimuth-0.41-py2-none-any.whl?x-amz-security-token=QQQNNNdzYYYaDHq777IRTr...
and you get "No AWSAccessKey was presented." when visiting the link. (Removing x-amz-security-token
from the URL fixes it.)
I'm not sure if there's anything this project can do about it (maybe manually strip the header?), but I just wanted to report it as something to track.
Thanks for the heads up! Feel free to submit a PR to manually strip the header if upstream is slow to fix.
Is it possible that the problem is caused by using boto instead of boto3? I don't have any solid proof, but I do know that boto3 is the preferred AWS SDK library.
Thanks, @joshma! Should be resolved.
@patoarvizu It's possible, perhaps even probable, that Boto 3 resolves this issue, considering it's a ground-up rewrite of Boto 2. But Boto 3 is a PITA to use and so I'm putting off the upgrade for as long as possible.