botocore icon indicating copy to clipboard operation
botocore copied to clipboard
verified publisher icon boto

Use XDG Base Directory Specification

Open pierreprinetti opened this issue 6 years ago • 3 comments

The XDG specification defines where configuration files and credential files should be placed.

Following this standard ensures a clean home directory and some consistency across applications.

The default directory to write configuration and credentials files should be ${XDG_CONFIG_HOME:-${HOME}/.config}/aws (or %LOCALAPPDATA%\aws\config).

The default directory to read configuration and credentials files should be ${XDG_CONFIG_HOME:-${HOME}/.config}/aws (or %LOCALAPPDATA%\aws\config) first, then ${HOME}/.aws to maintain backwards compatibility.

What do you think?

I am willing to file a change request if this design is accepted.

I hope the Windows values make some sense, as I am not an expert.

cf. https://github.com/aws/aws-cli/issues/2433

pierreprinetti avatar Oct 01 '19 06:10 pierreprinetti

This proposal does not change the default override logic: the environment variables AWS_SHARED_CREDENTIALS_FILE and AWS_CONFIG_FILE should maintain their precedence, just like the specific environment variables and command-line switches that refer to specific keys like AWS_ACCESS_KEY_ID or --region <string>.

The proposed change only affects the hardcoded default fallback locations.

pierreprinetti avatar Oct 01 '19 06:10 pierreprinetti

@pierreprinetti In general, I don't think we're against this change it's simply been more of a priority issue than anything else. There's a relatively high amount of friction in making a change like this as botocore and the AWS CLI aren't the only tools that look at these files. If we make this change it puts pressure on other tools to follow suite (read as we'll likely need consensus before making the change). To be blunt, we likely won't have much time to look into this anytime soon as it's functionally the same and there are workarounds (mentioned in the other thread) if one is really inclined on getting this behavior.

joguSD avatar Oct 01 '19 19:10 joguSD

If this was possible with a small change (and I am not sure it is), would you accept a PR that:

  • on the write side: does not change where the credentials are created; but
  • on the read side: looks into ~/.aws and into the XDG directory?

pierreprinetti avatar Oct 01 '19 19:10 pierreprinetti

This feature request is now being tracked here in our cross-SDK repository: https://github.com/aws/aws-cli/issues/9031. Feature requests involving credentials/configuration need to be reviewed at a cross-SDK level, since other SDKs rely on those in addition to the CLI. Will close this issue to continue tracking there.

tim-finnigan avatar Aug 21 '24 22:08 tim-finnigan

This issue is now closed. Comments on closed issues are hard for our team to see. If you need more assistance, please open a new issue that references this one.

github-actions[bot] avatar Aug 21 '24 22:08 github-actions[bot]