This is an automated email from the ASF dual-hosted git repository.
xvrl pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new 35a7d863b7 add aws-java-sdk-sts to aws-common classpath (#12482)
35a7d863b7 is described below
commit 35a7d863b77a692908d90ba529714210859f3f8b
Author: Naya Chen <[email protected]>
AuthorDate: Tue May 3 12:25:51 2022 -0700
add aws-java-sdk-sts to aws-common classpath (#12482)
Fixes #11303
WebIdentityTokenProvider in the defaultAWSCredentialsProviderChain can not
actually be used because the aws-java-sdk-sts jar is not in the classpath of S3
extension at runtime, since each extension has its own classpath. This results
in the inability to assume STS role before generating authentication token.
The error message from getCredentials() is:
"Unable to load credentials from WebIdentityTokenCredentialsProvider: To
use assume role profiles the aws-java-sdk-sts module must be on the class path"
This PR will fix multiple authentication modules that are dependent on the
WebIdentityTokenProvider, including AWS IAM based RDS authentication and S3
authentication.
---
cloud/aws-common/pom.xml | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/cloud/aws-common/pom.xml b/cloud/aws-common/pom.xml
index 61f554af6a..3df322ae1d 100644
--- a/cloud/aws-common/pom.xml
+++ b/cloud/aws-common/pom.xml
@@ -80,6 +80,14 @@
<artifactId>validation-api</artifactId>
</dependency>
+ <!-- Runtime -->
+ <!-- WebIdentityTokenProvider requires runtime dependency on
aws-java-sdk-sts -->
+ <dependency>
+ <groupId>com.amazonaws</groupId>
+ <artifactId>aws-java-sdk-sts</artifactId>
+ <scope>runtime</scope>
+ </dependency>
+
<!-- Tests -->
<dependency>
<groupId>junit</groupId>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
