diff --git a/glance/common/store_utils.py b/glance/common/store_utils.py
index d592e36c54..57f417d62f 100644
--- a/glance/common/store_utils.py
+++ b/glance/common/store_utils.py
@@ -301,8 +301,8 @@ def _update_s3_location_and_store_id(context, loc):
 
     location_map = store_api.location.SCHEME_TO_CLS_BACKEND_MAP
     if scheme not in location_map:
-        LOG.debug("Unknown scheme '%(scheme)s' found in uri '%(uri)s'",
-                  {'scheme': scheme, 'uri': uri})
+        LOG.debug("Unknown scheme '%(scheme)s' found in uri",
+                  {'scheme': scheme})
         return False
 
     # URL format: s3://key:secret@host/bucket/object
diff --git a/glance/tests/unit/common/test_utils.py b/glance/tests/unit/common/test_utils.py
index 02a4d3b3ea..5b70d80c96 100644
--- a/glance/tests/unit/common/test_utils.py
+++ b/glance/tests/unit/common/test_utils.py
@@ -1208,9 +1208,10 @@ class S3CredentialUpdateTestCase(test_utils.BaseTestCase):
         # URL should remain unchanged
         self.assertEqual(location['url'], original_url)
         # Verify that the debug log was called for unknown scheme
+        # Note: URI is not logged for S3 schemes to avoid credential exposure
         mock_log.debug.assert_called_once_with(
-            "Unknown scheme '%(scheme)s' found in uri '%(uri)s'",
-            {'scheme': 's3', 'uri': 's3://key:secret@bucket/object'})
+            "Unknown scheme '%(scheme)s' found in uri",
+            {'scheme': 's3'})
 
     @mock.patch('glance.common.store_utils.store_api')
     @mock.patch('glance.common.store_utils.CONF')