Nomad(>1.5.0) artifact from s3 bucket


So I realized that since 1.5.0 artifact downloads occur in a sub-process.
And when I configure the artifact stanza with the access key and secret key in it, it works just fine.

            artifact {
                source = "s3::"
                options {
                    aws_access_key_id     = "6rMOOHXeW/sfsafas"
                    aws_access_key_secret = "1OnW76rMOOHXeW/sfsafasfasd"

However I don’t want to store the credentials in the manifest file. So the idea would be to use environment variables.
For backward compatibility, the artifact sandbox can be configured to inherit specified environment variables from the Nomad client by setting set_environment_variables.
But where do I set these variables? I am confused about this configuration.

So I figured out the systemd service file for nomad pulls environment variables from “/etc/nomad.d/nomad.env”

[root@xxxxx ~]# grep Environment /usr/lib/systemd/system/nomad.service

If you set the AWS access id, and secret key there, it works with AWS S3,
but doesn’t work with an on-prem s3 compatible object storage.