This vignette gives guidance on how to manage AWS auth within
sixtyfour.
We use the package paws to
interact with AWS. paws also handles the authentication.
paws looks for credentials in a few different places, in
the following order:
Sys.setenv(AWS_ACCESS_KEY_ID = "", AWS_SECRET_ACCESS_KEY = "", AWS_REGION = "us-west-2").
Or set them in a variety of ways to be available across R sessions. See
the [R Startup chapter][r-startup] of What They Forgot to Teach You
About R book for more details.~/.aws/credentials. Look there to see if you have this
set.~/.aws/configsixtyfour intializes R6 classes that are the object
behind a paws service (e.g., for S3), and during the
initialization it attempts to gather credentials following the above
order.
sixtyfour does not provide any mechanism directly in the
package to modify what credentials are used. However, following the
paws docs linked above you can modify what credentials are
used by adjusting what credentials you have set.
Some users may have more than one set of credentials - the next
section digs into how to approach making sure sixtyfour is
using the credentials you want to be using.
Note that the first option above - passing credentials directly as
function parameters - we do not use in sixtyfour so that
we’re not encouraging secrets being directly put into code where those
secrets may show up in public.
For many different auth scenarios see the paws credentials docs.
It probably makes the most sense to manage your AWS credentials using only one of the above methods. However, you may need to use a combination depending on your needs.
There are various ways to set credentials. Most often - as the paws docs
spell out - you will tell paws what creds to use via
environment variables. You can do that in various ways:
AWS_REGION=us-east-1 R, then when you load
paws it will use that env varwithr::with_envvar,
setting a certain set of AWS creds for just the duration of the call
block passed in to with_envvar.