My bucket requires a role to write to, either an assumed role or a server-side role. It looks like the use of these roles, and hence "security-token", causes generate_url to append x-amz-security-token= to the URLs. (I think it's related to boto/boto#1477)

As a result, all the index.html links are something like Azimuth-0.41-py2-none-any.whl?x-amz-security-token=QQQNNNdzYYYaDHq777IRTr... and you get "No AWSAccessKey was presented." when visiting the link. (Removing x-amz-security-token from the URL fixes it.)

I'm not sure if there's anything this project can do about it (maybe manually strip the header?), but I just wanted to report it as something to track.

Thanks for the heads up! Feel free to submit a PR to manually strip the header if upstream is slow to fix.

Is it possible that the problem is caused by using boto instead of boto3? I don't have any solid proof, but I do know that boto3 is the preferred AWS SDK library.

Thanks, @joshma! Should be resolved.

@patoarvizu It's possible, perhaps even probable, that Boto 3 resolves this issue, considering it's a ground-up rewrite of Boto 2. But Boto 3 is a PITA to use and so I'm putting off the upgrade for as long as possible.