Taragolis commented on code in PR #28545:
URL: https://github.com/apache/airflow/pull/28545#discussion_r1056692271
##########
airflow/providers/amazon/aws/hooks/base_aws.py:
##########
@@ -754,7 +754,9 @@ def test_connection(self):
"""
try:
session = self.get_session()
- conn_info = session.client("sts").get_caller_identity()
+ conn_info = session.client(
+ "sts", endpoint_url=self.conn_config.endpoint_url
+ ).get_caller_identity()
Review Comment:
Yep, something like that. With some additional logic most related to STS
client and historical reason.
If STS client defined internally in `AwsGenericHook` and
`BaseSessionFactory` it should not fallback to default `endpoint_url`.
Usual users need some additional time for change their connections and if we
can not break their connections and workflow it would be nice. Additional logic
+ warnings it is better approach.
There is two places where we use STS client internally
1. Check credentials by call STS GetCallerIdentity
2. Assume role
https://github.com/apache/airflow/blob/b3e26560c7fd835570a0b3a9d65670c87c8cfe0a/airflow/providers/amazon/aws/hooks/base_aws.py#L184-L186
In case if user use
[StsHook](https://github.com/apache/airflow/blob/b3e26560c7fd835570a0b3a9d65670c87c8cfe0a/airflow/providers/amazon/aws/hooks/sts.py#L22)
or `AwsBaseHook(client_type="sts")` then we should fallback to default
`endpoint_url`. The same how it works now
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
