diff --git a/extensions/s3-extensions/src/main/java/io/druid/storage/s3/S3StorageDruidModule.java b/extensions/s3-extensions/src/main/java/io/druid/storage/s3/S3StorageDruidModule.java index 3d2434365ae..792136ae8b9 100644 --- a/extensions/s3-extensions/src/main/java/io/druid/storage/s3/S3StorageDruidModule.java +++ b/extensions/s3-extensions/src/main/java/io/druid/storage/s3/S3StorageDruidModule.java @@ -19,7 +19,13 @@ package io.druid.storage.s3; +import com.amazonaws.AmazonClientException; import com.amazonaws.auth.AWSCredentialsProvider; +import com.amazonaws.auth.AWSCredentialsProviderChain; +import com.amazonaws.auth.EnvironmentVariableCredentialsProvider; +import com.amazonaws.auth.InstanceProfileCredentialsProvider; +import com.amazonaws.auth.SystemPropertiesCredentialsProvider; +import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.fasterxml.jackson.databind.Module; import com.google.common.base.Strings; import com.google.common.collect.ImmutableList; @@ -62,14 +68,18 @@ public class S3StorageDruidModule implements DruidModule binder.bind(S3TaskLogs.class).in(LazySingleton.class); } - @Provides - @LazySingleton - public AWSCredentialsProvider getAWSCredentialsProvider(final AWSCredentialsConfig config) + private static class ConfigDrivenAwsCredentialsConfigProvider implements AWSCredentialsProvider { - if (!Strings.isNullOrEmpty(config.getAccessKey()) && !Strings.isNullOrEmpty(config.getSecretKey())) { - return new AWSCredentialsProvider() { - @Override - public com.amazonaws.auth.AWSCredentials getCredentials() { + private AWSCredentialsConfig config; + + public ConfigDrivenAwsCredentialsConfigProvider(AWSCredentialsConfig config) { + this.config = config; + } + + @Override + public com.amazonaws.auth.AWSCredentials getCredentials() + { + if (!Strings.isNullOrEmpty(config.getAccessKey()) && !Strings.isNullOrEmpty(config.getSecretKey())) { return new com.amazonaws.auth.AWSCredentials() { @Override public String getAWSAccessKeyId() { @@ -82,13 +92,56 @@ public class S3StorageDruidModule implements DruidModule } }; } - - @Override - public void refresh() {} - }; - } else { - return new FileSessionCredentialsProvider(config.getFileSessionCredentials()); + throw new AmazonClientException("Unable to load AWS credentials from druid AWSCredentialsConfig"); } + + @Override + public void refresh() {} + } + + private static class LazyFileSessionCredentialsProvider implements AWSCredentialsProvider + { + private AWSCredentialsConfig config; + private FileSessionCredentialsProvider provider; + + public LazyFileSessionCredentialsProvider(AWSCredentialsConfig config) { + this.config = config; + } + + private FileSessionCredentialsProvider getUnderlyingProvider() { + if (provider == null) { + synchronized (config) { + if (provider == null) { + provider = new FileSessionCredentialsProvider(config.getFileSessionCredentials()); + } + } + } + return provider; + } + + @Override + public com.amazonaws.auth.AWSCredentials getCredentials() + { + return getUnderlyingProvider().getCredentials(); + } + + @Override + public void refresh() { + getUnderlyingProvider().refresh(); + } + } + + @Provides + @LazySingleton + public AWSCredentialsProvider getAWSCredentialsProvider(final AWSCredentialsConfig config) + { + return new AWSCredentialsProviderChain( + new ConfigDrivenAwsCredentialsConfigProvider(config), + new LazyFileSessionCredentialsProvider(config), + new EnvironmentVariableCredentialsProvider(), + new SystemPropertiesCredentialsProvider(), + new ProfileCredentialsProvider(), + new InstanceProfileCredentialsProvider()); } @Provides diff --git a/pom.xml b/pom.xml index 26b26ad37be..375741dedfc 100644 --- a/pom.xml +++ b/pom.xml @@ -135,7 +135,7 @@ com.amazonaws aws-java-sdk - 1.6.0.1 + 1.8.11 javax.mail