Add Gradle dependency software.amazon.awssdk:sts #219
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The AWS STS dependency is required to support the IRSA method of authentication when running in Kubernetes Authentication with IRSA is the recommended way to access AWS resources Example error from the connector if this package is not installed when attempting to access resources via an AWS service account: WARN s.a.a.a.c.i.WebIdentityCredentialsUtils - To use web identity tokens, the 'sts' service module must be on the class path. Exception in thread "main" software.amazon.awssdk.core.exception.SdkClientException: Unable to load credentials from any of the providers in the chain AwsCredentialsProviderChain "IRSA Overview" https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html "Use IRSA with the AWS SDK" https://docs.aws.amazon.com/en_ca/eks/latest/userguide/iam-roles-for-service-accounts-minimum-sdk.html https://centeredge.atlassian.net/browse/DO-4758
|
Thank you very much! Tracking as CBES-327. We'll aim to get this into this month's release. Gerrit is our "source of truth" repository. Because this is such a minor change, I will just copy it over -- no need to sign a CLA. We will credit you in the release notes by your GitHub profile link, unless you have a different preference. Thanks again. |
ns-codereview
pushed a commit
that referenced
this pull request
Feb 15, 2025
Modifications ------------- Add dependency on `software.amazon.awssdk:sts` Credits ------- Thank you to https://github.com/clupo #219 Change-Id: Icc860d573e763126593991ddc5b3050bb2dbef33 Reviewed-on: https://review.couchbase.org/c/couchbase-elasticsearch-connector/+/223226 Tested-by: Build Bot <[email protected]> Reviewed-by: Michael Reiche <[email protected]>
|
We're running out of days in February, so "this month's" release will more likely be in March. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The AWS STS dependency is required to support the IRSA method of authentication when running in Kubernetes
Authentication with IRSA is the recommended way to access AWS resources
Example error from the connector if this package is not installed when attempting to access resources via an AWS service account:
When we deployed the connector to our environment with this added dependency the connector started up healthy and functioned as expected
Reference docs:
"Use IRSA with the AWS SDK" https://docs.aws.amazon.com/en_ca/eks/latest/userguide/iam-roles-for-service-accounts-minimum-sdk.html
"IRSA Overview" https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html