From 9f1daabb2ccb16010a2f951e35bb05e28bc017de Mon Sep 17 00:00:00 2001 From: Nick Craig-Wood Date: Tue, 29 Sep 2015 09:58:03 +0100 Subject: [PATCH] s3: allow anonymous access to public repositories - fixes #154 When setting up the remote, leave both the access key and secret key blank. --- docs/content/s3.md | 38 ++++++++++++++++++++++++++++++++++++++ s3/s3.go | 19 ++++++++++++------- 2 files changed, 50 insertions(+), 7 deletions(-) diff --git a/docs/content/s3.md b/docs/content/s3.md index 7d4f6a2bb..0d4c9baa4 100644 --- a/docs/content/s3.md +++ b/docs/content/s3.md @@ -133,6 +133,44 @@ created in. If you attempt to access a bucket from the wrong region, you will get an error, `incorrect region, the bucket is not in 'XXX' region`. +### Anonymous access to public buckets ### + +If you want to use rclone to access a public bucket, configure with a +blank `access_key_id` and `secret_access_key`. Eg + +``` +e) Edit existing remote +n) New remote +d) Delete remote +q) Quit config +e/n/d/q> n +name> anons3 +What type of source is it? +Choose a number from below + 1) amazon cloud drive + 2) drive + 3) dropbox + 4) google cloud storage + 5) local + 6) s3 + 7) swift +type> 6 +AWS Access Key ID - leave blank for anonymous access. +access_key_id> +AWS Secret Access Key (password) - leave blank for anonymous access. +secret_access_key> +Region to connect to. +region> 1 +endpoint> +location_constraint> +``` + +Then use it as normal with the name of the public bucket, eg + + rclone lsd anons3:1000genomes + +You will be able to list and copy data but not upload it. + ### Ceph ### Ceph is an object storage system which presents an Amazon S3 interface. diff --git a/s3/s3.go b/s3/s3.go index cab693701..3c57e1b55 100644 --- a/s3/s3.go +++ b/s3/s3.go @@ -41,10 +41,10 @@ func init() { // AWS endpoints: http://docs.amazonwebservices.com/general/latest/gr/rande.html#s3_region Options: []fs.Option{{ Name: "access_key_id", - Help: "AWS Access Key ID.", + Help: "AWS Access Key ID - leave blank for anonymous access.", }, { Name: "secret_access_key", - Help: "AWS Secret Access Key (password). ", + Help: "AWS Secret Access Key (password) - leave blank for anonymous access.", }, { Name: "region", Help: "Region to connect to.", @@ -193,14 +193,19 @@ func s3ParsePath(path string) (bucket, directory string, err error) { func s3Connection(name string) (*s3.S3, error) { // Make the auth accessKeyID := fs.ConfigFile.MustValue(name, "access_key_id") - if accessKeyID == "" { - return nil, errors.New("access_key_id not found") - } secretAccessKey := fs.ConfigFile.MustValue(name, "secret_access_key") - if secretAccessKey == "" { + var auth *credentials.Credentials + switch { + case accessKeyID == "" && secretAccessKey == "": + fs.Debug(name, "Using anonymous access for S3") + auth = credentials.AnonymousCredentials + case accessKeyID == "": + return nil, errors.New("access_key_id not found") + case secretAccessKey == "": return nil, errors.New("secret_access_key not found") + default: + auth = credentials.NewStaticCredentials(accessKeyID, secretAccessKey, "") } - auth := credentials.NewStaticCredentials(accessKeyID, secretAccessKey, "") endpoint := fs.ConfigFile.MustValue(name, "endpoint") region := fs.ConfigFile.MustValue(name, "region")