-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
No way to make anonymous API call #206
Comments
It's not clear what is the best approach to solve this. One solution would be to remove the current restriction that if a service has a Does that seem reasonable? |
What would that do for the error messages in the case where a user is missing credentials and they actually need them? I was going to suggest that we annotate our model to have per-operation signature version overrides (and set AssumeRoleWithSAML/AssumeRoleWithWebIdentity to have a signature_version of null or unsigned or something). But I think part of the issue is that the auth is tied to an endpoint, which doesn't know about the operation (since it's typically created off of a |
Yeah, annotating the model for these operations was my first thought but, as you say, we are currently raising the We could modify my approach and only allow the request to be made with no credentials if the operation is actually annotated appropriately. If not, we could raise the |
* release-0.31.0: (22 commits) Bumping version to 0.31.0 Remove debug logging message. Fix reference to no_auth. Allow for operations within a service to override the signature_version. Fixes #206. Supercedes #208 Fix setting socket timeout in py3 Add response parsing tests for S3 GetBucketLocation Expose output parameters matching root XML node, fix GetBucketLocation Use unittest2 on python2.6 Detect incomplete reads (content length mismatch) Simplifying code and fixing test to use unicode constant. Fixing an issue that came up while fixing aws/aws-cli#593. Fixing an issue that came up while fixing aws/aws-cli#593. Fix elastictranscoder service Add default param to get_config_variable Add session config vars for metadata retry/timeouts Add support for per session config vars Rename get_variable to get_config_variable Rename env vars to session vars Move module vars into session class vars Update elasticache model to the latest version ...
This fix appears to be no longer be a part of botocore after the refactor (~0.66.0). Is this something that needs a new issue or can we re-open this one? |
STS calls like AssumeRoleWithSAML and AssumeRoleWithWebIdentity either require or allow anonymous calls. We need to provide a way to support these types of calls in botocore, similar to what we did for boto
The text was updated successfully, but these errors were encountered: