From b863d072c214875bee8265a367ad15c4ff963fd6 Mon Sep 17 00:00:00 2001 From: Will Thames Date: Wed, 27 Sep 2017 00:18:30 +1000 Subject: [PATCH] [cloud] Don't remove profile, security_token by default in `aws_s3` (#30902) Comment above suggests only removing it for non-S3 services, so let's actually enforce that. --- lib/ansible/modules/cloud/amazon/aws_s3.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/ansible/modules/cloud/amazon/aws_s3.py b/lib/ansible/modules/cloud/amazon/aws_s3.py index 96c322d76a5..d2551bc899d 100644 --- a/lib/ansible/modules/cloud/amazon/aws_s3.py +++ b/lib/ansible/modules/cloud/amazon/aws_s3.py @@ -604,8 +604,9 @@ def main(): # Look at s3_url and tweak connection settings # if connecting to RGW, Walrus or fakes3 - for key in ['validate_certs', 'security_token', 'profile_name']: - aws_connect_kwargs.pop(key, None) + if s3_url: + for key in ['validate_certs', 'security_token', 'profile_name']: + aws_connect_kwargs.pop(key, None) try: s3 = get_s3_connection(module, aws_connect_kwargs, location, rgw, s3_url) except (botocore.exceptions.NoCredentialsError, botocore.exceptions.ProfileNotFound) as e: