s3: don't consume default AWS environment variables

The AWS SDK has better logic for reading environment variables and passing them down to the correct credentials provider.
tweag · Feb 24, 2025 · c2a6311 · c2a6311
1 parent ad27c1a
commit c2a6311
Showing 1 changed file with 0 additions and 15 deletions.
diff --git a/authenticate/s3/s3.go b/authenticate/s3/s3.go
@@ -304,35 +304,20 @@ type configFragment struct {
 func configFromContext(ctx context.Context, uri *url.URL) (configFragment, error) {
 	sources := []lookupchain.Source{
 		// acces key id
-		&lookupchain.Env{
-			Source:  "env",
-			Name:    "AWS_ACCESS_KEY_ID",
-			Binding: BindigAccessKeyID,
-		},
 		&lookupchain.Keyring{
 			Source:  "env",
 			Service: "tweag-credential-helper:aws-access-key-id",
 			Binding: BindigAccessKeyID,
 		},
 
 		// secret access key
-		&lookupchain.Env{
-			Source:  "env",
-			Name:    "AWS_SECRET_ACCESS_KEY",
-			Binding: BindingSecretAccessKey,
-		},
 		&lookupchain.Keyring{
 			Source:  "env",
 			Service: "tweag-credential-helper:aws-secret-access-key",
 			Binding: BindingSecretAccessKey,
 		},
 
 		// default region
-		&lookupchain.Env{
-			Source:  "env",
-			Name:    "AWS_DEFAULT_REGION",
-			Binding: BindingRegion,
-		},
 		&lookupchain.Keyring{
 			Source:  "env",
 			Service: "tweag-credential-helper:aws-default-region",