Add `x-amz-security-token` field in presigned_post when required

Question

Add `x-amz-security-token` field in presigned_post when required

Closed this issue 3 years ago · 1 comments

When using temporary credentials with ex_aws (eg when using ECS task roles) an extra x-amz-security-token field is required alongside the x-amz-credential field when using presigned form uploads.

See https://docs.aws.amazon.com/general/latest/gr/sigv4-add-signature-to-request.html for more details.

The security token is available in the output of ExAws.Config.new(:s3) if it is required.

This is preventing us from moving from our own code which conditionally adds this token if it is available.

Answer 1 · 2021-11-07T09:15:43.000Z

Thanks @hoyon - it looks like the standard ex_aws code already handles this case, but the special stuff for S3 doesn't so it shouldn't be hard to add. Can you give me an example of the exact call and config (without actual authentication data scrubbed, obviously) that's failing so that I can be sure it gets fixed in the right place?