From dc0db4eda47a366f40b043f2c778e74842b83824 Mon Sep 17 00:00:00 2001 From: Michael Eischer Date: Mon, 8 Jul 2024 19:47:05 +0200 Subject: [PATCH] add s3 anonymous authentication changelog entry --- changelog/unreleased/issue-4707 | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 changelog/unreleased/issue-4707 diff --git a/changelog/unreleased/issue-4707 b/changelog/unreleased/issue-4707 new file mode 100644 index 000000000..3c5ffa2ad --- /dev/null +++ b/changelog/unreleased/issue-4707 @@ -0,0 +1,14 @@ +Change: Disallow S3 anonymous authentication by default + +When using the S3 backend with anonymous authentication, it continuously tried +to retrieve new authentication credentials, which caused bad performance. + +Now, to use anonymous authentication, it is necessary to pass the option `-o +s3.unsafe-anonymous-auth=true` to restic. + +It is temporarily possible to revert to the old behavior by setting the +environment variable `RESTIC_FEATURES=explicit-s3-anonymous-auth=false`. Note +that this feature flag will be removed in the next minor restic version. + +https://github.com/restic/restic/issues/4707 +https://github.com/restic/restic/pull/4908