@@ -536,19 +536,37 @@ def _fetch_bucket(self, bucket_name):
536536 session = boto3 .session .Session (
537537 aws_access_key_id = aws_access_key_id ,
538538 aws_secret_access_key = aws_secret_access_key )
539- s3_resource = session .resource ('s3' , use_ssl = True )
540539
541- # Otherwise, connect anonymously
542540 else :
543- iflogger .info ('Connecting to AWS: %s anonymously...' , bucket_name )
541+ iflogger .info ('Connecting to S3 bucket: %s with IAM role...' ,
542+ bucket_name )
543+
544+ # Lean on AWS environment / IAM role authentication and authorization
544545 session = boto3 .session .Session ()
545- s3_resource = session .resource ('s3' , use_ssl = True )
546+
547+ s3_resource = session .resource ('s3' , use_ssl = True )
548+
549+ # And try fetch the bucket with the name argument
550+ try :
551+ self ._get_head_bucket (s3_resource , bucket_name )
552+ except Exception as exc :
553+
554+ # Try to connect anonymously
546555 s3_resource .meta .client .meta .events .register (
547556 'choose-signer.s3.*' , botocore .handlers .disable_signing )
548557
558+ iflogger .info ('Connecting to AWS: %s anonymously...' , bucket_name )
559+ self ._get_head_bucket (s3_resource , bucket_name )
560+
549561 # Explicitly declare a secure SSL connection for bucket object
550562 bucket = s3_resource .Bucket (bucket_name )
551563
564+ # Return the bucket
565+ return bucket
566+
567+
568+ def _get_head_bucket (self , s3_resource , bucket_name ):
569+
552570 # And try fetch the bucket with the name argument
553571 try :
554572 s3_resource .meta .client .head_bucket (Bucket = bucket_name )
@@ -570,8 +588,6 @@ def _fetch_bucket(self, bucket_name):
570588 % (bucket_name , exc )
571589 raise Exception (err_msg )
572590
573- # Return the bucket
574- return bucket
575591
576592 # Send up to S3 method
577593 def _upload_to_s3 (self , bucket , src , dst ):
0 commit comments