From 37894c243ddeee28b090bfb6061d8a532985cf93 Mon Sep 17 00:00:00 2001 From: Nikos Dragazis Date: Wed, 22 Jan 2025 17:25:59 +0200 Subject: [PATCH] encryption_config: Mention environment in credential sources for KMS The help string for the `--kms-hosts` command-line option mentions only the AWS credentials file as a fall-back search path, in case no explicit credentials are given. Extend the help string to mention the environment as well. Make it clear that the environment has higher precedence than the credentials file. Signed-off-by: Nikos Dragazis --- ent/encryption/encryption_config.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ent/encryption/encryption_config.cc b/ent/encryption/encryption_config.cc index 3dbccbd3d3..a3458ae7cb 100644 --- a/ent/encryption/encryption_config.cc +++ b/ent/encryption/encryption_config.cc @@ -82,7 +82,7 @@ Actual connection can be either an explicit endpoint (:), or selecte If aws_use_ec2_region is true, regions is instead queried from EC2 metadata. Authentication can be explicit with aws_access_key_id and aws_secret_access_key. Either secret or both can be omitted -in which case the provider will try to read them from AWS credentials in ~/.aws/credentials +in which case the provider will try to read them from the environment, and then from AWS credentials in ~/.aws/credentials If aws_use_ec2_credentials is true, authentication is instead queried from EC2 metadata.