I am trying to setup sentry on-premise. Sentry S3 filesystem requires ACCESS_KEY and ACCESS_SECRET.
IAM role is configured with access to S3. I do not want to expose these keys in the instance. Will sentry fetch these keys from instance profile of my ec2 instance if I don’t specify these?
This is how sentry picks up access keys for S3 storage.
def _get_access_keys(self): ''' Gets the access keys to use when accessing S3. If none are provided to the class in the constructor or in the settings then get them from the environment variables. ''' def lookup_env(names): for name in names: value = os.environ.get(name) if value: return value access_key = self.access_key or lookup_env(self.access_key_names) secret_key = self.secret_key or lookup_env(self.secret_key_names) return access_key, secret_key
EDIT: This merged PR https://github.com/getsentry/sentry/pull/6510 attempts to solve this problem. Will this be released as part of existing Sentry 8.21 or Sentry 8.22?