s3: remove WebIdentityRoleProvider to fix crash on auth #5255

This code removes the code added in 15d19131bd6bc78e s3: use aws web identity role provider This code no longer works because it doesn't initialise the tokenFetcher - leading to a nil pointer crash. The proper way to initialise this is with the NewWebIdentityCredentials but it isn't clear where to get the other parameters: roleARN, roleSessionName, path. In the linked issue a user reports rclone working with EKS anyway, so perhaps this code is no longer needed. If it is needed, hopefully someone who knows AWS better will come along and fix it! See: https://forum.rclone.org/t/add-support-for-aws-sso/23569
2025-03-14 00:16:24 +08:00 · 2021-04-20 16:21:54 +01:00 · 2021-04-20 16:21:54 +01:00 · e618ea83dd
commit e618ea83dd
parent 34dc257c55
1 changed files with 0 additions and 6 deletions
--- a/backend/s3/s3.go
+++ b/backend/s3/s3.go
@ -26,7 +26,6 @@ import (
 	"github.com/aws/aws-sdk-go/aws/corehandlers"
 	"github.com/aws/aws-sdk-go/aws/credentials"
 	"github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds"
-	"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
 	"github.com/aws/aws-sdk-go/aws/defaults"
 	"github.com/aws/aws-sdk-go/aws/ec2metadata"
 	"github.com/aws/aws-sdk-go/aws/endpoints"
@ -1511,11 +1510,6 @@ func s3Connection(ctx context.Context, opt *Options, client *http.Client) (*s3.S
 			}),
 			ExpiryWindow: 3 * time.Minute,
 		},
-
-		// Pick up IAM role if we are in EKS
-		&stscreds.WebIdentityRoleProvider{
-			ExpiryWindow: 3 * time.Minute,
-		},
 	}
 	cred := credentials.NewChainCredentials(providers)