From 2404216e475680f3090cdec4e647e50865df6368 Mon Sep 17 00:00:00 2001
From: pollfly <75068813+pollfly@users.noreply.github.com>
Date: Wed, 13 Apr 2022 11:45:35 +0300
Subject: [PATCH] Add AWS credentials chain info (#234)

---
 docs/configs/clearml_conf.md | 9 +++++++++
 docs/integrations/storage.md | 8 +++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/docs/configs/clearml_conf.md b/docs/configs/clearml_conf.md
index 3d375a58..33df822e 100644
--- a/docs/configs/clearml_conf.md
+++ b/docs/configs/clearml_conf.md
@@ -664,6 +664,15 @@ metrics, network, AWS S3 buckets and credentials, Google Cloud Storage, Azure St
     
 * For AWS S3, the default secret access key for any bucket that is not specified in the `sdk.aws.s3.credentials` section.
     
+---
+
+**`sdk.aws.s3.use_credentials_chain`** (*bool*)
+
+* Instead of using default credentials for an unspecified bucket, enable credentials chain to let Boto3 pick the right 
+  credentials. This includes picking credentials from environment variables,
+  a credential file, and metadata service with an IAM role configured. See [Boto3 documentation](https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html#configuring-credentials)
+  
+
 <br/>
 
 ###### sdk.aws.s3.credentials
diff --git a/docs/integrations/storage.md b/docs/integrations/storage.md
index 26b85503..39eb7b4a 100644
--- a/docs/integrations/storage.md
+++ b/docs/integrations/storage.md
@@ -23,7 +23,12 @@ The ClearML configuration file uses [HOCON](https://github.com/lightbend/config/
 ### Configuring AWS S3
 
 Modify these parts of the clearml.conf file and add the key, secret, and region of the s3 bucket.
-It's possible to also give access to specific s3 buckets.
+It's possible to also give access to specific s3 buckets. 
+
+You can also enable using a credentials chain to let Boto3 
+pick the right credentials. This includes picking credentials from environment variables, a credential file, and metadata service 
+with an IAM role configured. See [Boto3 documentation](https://boto3.amazonaws.com/v1/documentation/api/latest/guide/credentials.html#configuring-credentials).
+
 ```
 aws {
     s3 {
@@ -41,6 +46,7 @@ aws {
                 key: ""
                 secret: ""
                 verify: "/path/to/ca/bundle.crt" OR false to not verify
+                use_credentials_chain: false
             },
                 
         ]