fix: allow to do role auth for S3 bucket use. (#8149)

### What problem does this PR solve? Close #8148 . ### Type of change - [x] New Feature (non-breaking change which adds functionality)
2025-12-08 12:32:30 +08:00 · 2025-06-10 06:50:07 +04:00
parent 08f2223a6a
commit 60ab7027c0
1 changed files with 8 additions and 4 deletions
--- a/rag/utils/s3_conn.py
+++ b/rag/utils/s3_conn.py
@ -65,10 +65,14 @@ class RAGFlowS3:
            pass

        try:
-            s3_params = {
-                'aws_access_key_id': self.access_key,
-                'aws_secret_access_key': self.secret_key,
-            }
+            s3_params = {}
+            # if not set ak/sk, boto3 s3 client would try several ways to do the authentication
+            # see doc: https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html#configuring-credentials
+            if self.access_key and self.secret_key:
+                s3_params = {
+                    'aws_access_key_id': self.access_key,
+                    'aws_secret_access_key': self.secret_key,
+                }
            if self.region in self.s3_config:
                s3_params['region_name'] = self.region
            if 'endpoint_url' in self.s3_config: