From 6511d2968ea3d07b48cdf55e1e9c26eaa6401a20 Mon Sep 17 00:00:00 2001
From: Chris Meyers <chris.meyers.fsu@gmail.com>
Date: Wed, 12 Jul 2017 15:27:18 -0400
Subject: [PATCH] use newest aws env var names for creds

---
 awx/main/tasks.py                 | 6 +++---
 awx/main/tests/unit/test_tasks.py | 8 ++++----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/awx/main/tasks.py b/awx/main/tasks.py
index 54401af49f..dac868c637 100644
--- a/awx/main/tasks.py
+++ b/awx/main/tasks.py
@@ -557,7 +557,7 @@ class BaseTask(Task):
         urlpass_re = re.compile(r'^.*?://[^:]+:(.*?)@.*?$')
         safe_env = dict(env)
         for k,v in safe_env.items():
-            if k in ('REST_API_URL', 'AWS_ACCESS_KEY', 'AWS_ACCESS_KEY_ID'):
+            if k in ('REST_API_URL', 'AWS_ACCESS_KEY_ID'):
                 continue
             elif k.startswith('ANSIBLE_') and not k.startswith('ANSIBLE_NET'):
                 continue
@@ -943,8 +943,8 @@ class RunJob(BaseTask):
         cred_files = kwargs.get('private_data_files', {}).get('credentials', {})
         for cloud_cred in job.cloud_credentials:
             if cloud_cred and cloud_cred.kind == 'aws':
-                env['AWS_ACCESS_KEY'] = cloud_cred.username
-                env['AWS_SECRET_KEY'] = decrypt_field(cloud_cred, 'password')
+                env['AWS_ACCESS_KEY_ID'] = cloud_cred.username
+                env['AWS_SECRET_ACCESS_KEY'] = decrypt_field(cloud_cred, 'password')
                 if len(cloud_cred.security_token) > 0:
                     env['AWS_SECURITY_TOKEN'] = decrypt_field(cloud_cred, 'security_token')
                 # FIXME: Add EC2_URL, maybe EC2_REGION!
diff --git a/awx/main/tests/unit/test_tasks.py b/awx/main/tests/unit/test_tasks.py
index ff655b4902..3261d8fb0d 100644
--- a/awx/main/tests/unit/test_tasks.py
+++ b/awx/main/tests/unit/test_tasks.py
@@ -494,8 +494,8 @@ class TestJobCredentials(TestJobExecution):
         call_args, _ = self.run_pexpect.call_args_list[0]
         args, cwd, env, stdout = call_args
 
-        assert env['AWS_ACCESS_KEY'] == 'bob'
-        assert env['AWS_SECRET_KEY'] == 'secret'
+        assert env['AWS_ACCESS_KEY_ID'] == 'bob'
+        assert env['AWS_SECRET_ACCESS_KEY'] == 'secret'
         assert 'AWS_SECURITY_TOKEN' not in env
 
     def test_aws_cloud_credential_with_sts_token(self):
@@ -514,8 +514,8 @@ class TestJobCredentials(TestJobExecution):
         call_args, _ = self.run_pexpect.call_args_list[0]
         args, cwd, env, stdout = call_args
 
-        assert env['AWS_ACCESS_KEY'] == 'bob'
-        assert env['AWS_SECRET_KEY'] == 'secret'
+        assert env['AWS_ACCESS_KEY_ID'] == 'bob'
+        assert env['AWS_SECRET_ACCESS_KEY'] == 'secret'
         assert env['AWS_SECURITY_TOKEN'] == 'token'
 
     def test_gce_credentials(self):