Merge pull request #3245 from olegburov/reopen-pr-2973

Reopen PR #2973 (Support ECS TaskRole in S3 storage driver).

registry/storage/driver/s3-aws/s3.go

@@ -29,7 +29,6 @@ import (
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/aws/credentials"
-	"github.com/aws/aws-sdk-go/aws/defaults"
 	"github.com/aws/aws-sdk-go/aws/endpoints"
 	"github.com/aws/aws-sdk-go/aws/request"
 	"github.com/aws/aws-sdk-go/aws/session"
@@ -403,25 +402,22 @@ func New(params DriverParameters) (*Driver, error) {
 		return nil, fmt.Errorf("on Amazon S3 this storage driver can only be used with v4 authentication")
 	}
 
-	awsConfig := defaults.Config()
+	awsConfig := aws.NewConfig()
-	providers := []credentials.Provider{
+
-		&credentials.StaticProvider{
+	if params.AccessKey != "" && params.SecretKey != "" {
-			Value: credentials.Value{
+		creds := credentials.NewStaticCredentials(
-				AccessKeyID:     params.AccessKey,
+			params.AccessKey,
-				SecretAccessKey: params.SecretKey,
+			params.SecretKey,
-				SessionToken:    params.SessionToken,
+			params.SessionToken,
-			},
+		)
-		},
+		awsConfig.WithCredentials(creds)
 	}
-	providers = append(providers, defaults.CredProviders(awsConfig, defaults.Handlers())...)
-	creds := credentials.NewChainCredentials(providers)
 
 	if params.RegionEndpoint != "" {
 		awsConfig.WithS3ForcePathStyle(true)
 		awsConfig.WithEndpoint(params.RegionEndpoint)
 	}
 
-	awsConfig.WithCredentials(creds)
 	awsConfig.WithRegion(params.Region)
 	awsConfig.WithDisableSSL(!params.Secure)