From 1fc239475930d420954bcb024c2b3c68a67bc9f9 Mon Sep 17 00:00:00 2001 From: Sam Holton Date: Thu, 9 Jan 2025 13:39:24 -0500 Subject: [PATCH] fall back to DefaultCredentialsProvider if all blank --- .../plugins/awscredentials/AWSCredentialsImpl.java | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/main/java/com/cloudbees/jenkins/plugins/awscredentials/AWSCredentialsImpl.java b/src/main/java/com/cloudbees/jenkins/plugins/awscredentials/AWSCredentialsImpl.java index 077db21..2a764bf 100644 --- a/src/main/java/com/cloudbees/jenkins/plugins/awscredentials/AWSCredentialsImpl.java +++ b/src/main/java/com/cloudbees/jenkins/plugins/awscredentials/AWSCredentialsImpl.java @@ -53,6 +53,7 @@ import software.amazon.awssdk.auth.credentials.AwsCredentials; import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider; import software.amazon.awssdk.auth.credentials.AwsSessionCredentials; +import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider; import software.amazon.awssdk.auth.credentials.StaticCredentialsProvider; import software.amazon.awssdk.awscore.exception.AwsServiceException; import software.amazon.awssdk.core.exception.SdkException; @@ -168,10 +169,13 @@ public boolean requiresToken() { @Override public AwsCredentials resolveCredentials() { - if (StringUtils.isBlank(iamRoleArn) - && !StringUtils.isBlank(accessKey) - && !StringUtils.isBlank(secretKey.getPlainText())) { - return AwsBasicCredentials.create(accessKey, secretKey.getPlainText()); + if (StringUtils.isBlank(iamRoleArn)) { + if (StringUtils.isBlank(accessKey) && StringUtils.isBlank(secretKey.getPlainText())) { + // fall back to default credentials of node + return DefaultCredentialsProvider.builder().build().resolveCredentials(); + } else { + return AwsBasicCredentials.create(accessKey, secretKey.getPlainText()); + } } else { AwsCredentialsProvider baseProvider; // Handle the case of delegation to instance profile