From 915edd22dd52451555f980c7644404fda05e6aae Mon Sep 17 00:00:00 2001
From: Liam Beckman <lbeckman314@gmail.com>
Date: Tue, 26 Dec 2023 17:13:56 -0800
Subject: [PATCH] Update BotoManager to use specified credentials for each
 bucket

---
 fence/__init__.py                   |  4 ++--
 fence/resources/aws/boto_manager.py | 18 +++++++++++++-----
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/fence/__init__.py b/fence/__init__.py
index 1fcc4b24e..ea58cf02c 100755
--- a/fence/__init__.py
+++ b/fence/__init__.py
@@ -388,9 +388,9 @@ def app_config(
 
 def _setup_data_endpoint_and_boto(app):
     if "AWS_CREDENTIALS" in config and len(config["AWS_CREDENTIALS"]) > 0:
-        value = list(config["AWS_CREDENTIALS"].values())[0]
+        creds = config["AWS_CREDENTIALS"]
         buckets = config.get("S3_BUCKETS", {})
-        app.boto = BotoManager(value, buckets, logger=logger)
+        app.boto = BotoManager(creds, buckets, logger=logger)
         app.register_blueprint(fence.blueprints.data.blueprint, url_prefix="/data")
 
 
diff --git a/fence/resources/aws/boto_manager.py b/fence/resources/aws/boto_manager.py
index 3b60b7ca8..1fee8e8ca 100644
--- a/fence/resources/aws/boto_manager.py
+++ b/fence/resources/aws/boto_manager.py
@@ -26,14 +26,22 @@ def __init__(self, config, buckets, logger):
         self.iam = None
 
     def create_s3_clients(self, config, buckets):
-        s3_clients = {
-            'default': client('s3', **config)
-        }
+        s3_clients = {}
+        for creds in config:
+            if config[creds]['aws'] == 'true':
+                s3_clients = {'default': self.s3_client}
+
         for bucket in buckets:
+            cred_name = buckets[bucket]['cred']
+            keys = config[cred_name]
+            if 'aws' in keys:
+                keys.pop('aws')
+
             if 'endpoint_url' in buckets[bucket]:
                 endpoint_url = buckets[bucket]['endpoint_url']
-                endpoint_url = buckets[bucket]['endpoint_url']
-                s3_clients[bucket] = client('s3', **config, endpoint_url=endpoint_url)
+                s3_clients[bucket] = client('s3', **keys, endpoint_url=endpoint_url)
+            else:
+                s3_clients[bucket] = client('s3', **keys)
         return s3_clients
 
     def get_s3_client(self, bucket):