Can Sentry S3 Filesystem pick up AWS keys from instance profile?

sreeramb93 · November 15, 2017, 11:17am

I am trying to setup sentry on-premise. Sentry S3 filesystem requires ACCESS_KEY and ACCESS_SECRET.

IAM role is configured with access to S3. I do not want to expose these keys in the instance. Will sentry fetch these keys from instance profile of my ec2 instance if I don’t specify these?

This is how sentry picks up access keys for S3 storage.

   def _get_access_keys(self):
           '''
           Gets the access keys to use when accessing S3. If none
           are provided to the class in the constructor or in the
           settings then get them from the environment variables.
           '''

           def lookup_env(names):
                for name in names:
                     value = os.environ.get(name)
                 if value:
                    return value

           access_key = self.access_key or lookup_env(self.access_key_names)
           secret_key = self.secret_key or lookup_env(self.secret_key_names)
    return access_key, secret_key

EDIT: This merged PR https://github.com/getsentry/sentry/pull/6510 attempts to solve this problem. Will this be released as part of existing Sentry 8.21 or Sentry 8.22?

Topic		Replies	Views
S3 compatible object storage instead of just Amazon S3 On-Premise	3	3267	October 13, 2021
Send emails through AWS SES using the instance role? On-Premise	1	1906	August 25, 2018
Failed save logs in AWS S3 Bucket (File Storage) On-Premise	6	2831	April 15, 2020
Sentry not using backed up files from S3 On-Premise	2	937	July 22, 2021
Persisting Volume Data on AWS On-Premise	1	1210	May 25, 2021

Can Sentry S3 Filesystem pick up AWS keys from instance profile?

Related topics