With boto I could connect to public S3 buckets without credentials by passing the anon= keyword argument.

s3 = boto.connect_s3(anon=True)

Is this possible with boto3?


Solution 1:

Yes. Your credentials are used to sign all the requests you send out, so what you have to do is configure the client to not perform the signing step at all. You can do that as follows:

import boto3
from botocore import UNSIGNED
from botocore.client import Config

s3 = boto3.client('s3', config=Config(signature_version=UNSIGNED))
# Use the client

Solution 2:

Disable signing

import boto3

from botocore.handlers import disable_signing
resource = boto3.resource('s3')
resource.meta.client.meta.events.register('choose-signer.s3.*', disable_signing)

Solution 3:

None of these seem to work as of the current boto3 version (1.9.168). This hack (courtesy of an unfixed github issue on botocore) does seem to do the trick:

client = boto3.client('s3', aws_access_key_id='', aws_secret_access_key='')
client._request_signer.sign = (lambda *args, **kwargs: None)