Description
Introduce a breaking change that would continue to allow a user to configure AWS credentials explicitly during adapter construction, but remove the discreet parameters from the constructor.
See #14 for links to AWS best practice docs and some discussion of this issue.
Currently standard configuration of AWS OR explicit credentials can be used. Accepting both makes both the documentation and argument processing complicated and error prone.
In addition, by not conforming to best practices, it promotes putting secret keys in places where they shouldn't go.
I'm proposing to:
- Remove the explicit constructor parameters for key and secret
- Remove the env vars
S3_ACCESS_KEY
&S3_SECRET_KEY
as a configuration option for credentials (and make clear in the docs thatAWS_ACCESS_KEY_ID
&AWS_SECRET_ACCESS_KEY
work) - Rename the member of the config options from:
accessKey
&secretKey
toaccessKeyId
&secretAccessKey
to match the AWS SDK. - Update documentation and tests to reflect change
I don't see anywhere where this change would require a doc change in parse-server, but a decision would have to made about when to either include the revision change in the parse-server package.json
, or potentially removing all reference in code to this adapter and updating the documentation to show how to use it (which I think would be preferable as it would be a good model for how to use an adapter that is not explicitly referenced in parse-server.)