From 0195d3640bf2b7d62340e1853a1bdd231df921c2 Mon Sep 17 00:00:00 2001 From: Sloane Hertel Date: Tue, 26 Sep 2017 16:10:37 -0400 Subject: [PATCH] [cloud] Don't remove profile, security_token by default in `aws_s3` (#30902) (#30930) Comment above suggests only removing it for non-S3 services, so let's actually enforce that. --- lib/ansible/modules/cloud/amazon/aws_s3.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/ansible/modules/cloud/amazon/aws_s3.py b/lib/ansible/modules/cloud/amazon/aws_s3.py index 7b2ad3f8e92..9d5ba2971c4 100644 --- a/lib/ansible/modules/cloud/amazon/aws_s3.py +++ b/lib/ansible/modules/cloud/amazon/aws_s3.py @@ -605,8 +605,9 @@ def main(): # Look at s3_url and tweak connection settings # if connecting to RGW, Walrus or fakes3 - for key in ['validate_certs', 'security_token', 'profile_name']: - aws_connect_kwargs.pop(key, None) + if s3_url: + for key in ['validate_certs', 'security_token', 'profile_name']: + aws_connect_kwargs.pop(key, None) try: s3 = get_s3_connection(module, aws_connect_kwargs, location, rgw, s3_url) except (botocore.exceptions.NoCredentialsError, botocore.exceptions.ProfileNotFound) as e: