From a2a2401a681c2ee89ffce113fc875454d600ec0a Mon Sep 17 00:00:00 2001
From: Michael Eischer <michael.eischer@fau.de>
Date: Sun, 7 Jul 2024 11:31:04 +0200
Subject: [PATCH] s3: prevent repeated credential queries with anonymous
 authentication

---
 internal/backend/s3/s3.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/internal/backend/s3/s3.go b/internal/backend/s3/s3.go
index bddb57741..1b7f6e3d2 100644
--- a/internal/backend/s3/s3.go
+++ b/internal/backend/s3/s3.go
@@ -132,6 +132,9 @@ func getCredentials(cfg Config) (*credentials.Credentials, error) {
 
 	if c.SignerType == credentials.SignatureAnonymous {
 		debug.Log("using anonymous access for %#v", cfg.Endpoint)
+		// short circuit credentials resolution when using anonymous access
+		// otherwise the IAM provider would continuously try to (unsuccessfully) retrieve new credentials
+		creds = credentials.New(&credentials.Static{})
 	}
 
 	roleArn := os.Getenv("RESTIC_AWS_ASSUME_ROLE_ARN")