From 9ba68edb5fc39fb63fb745f81fac1f2030f761e0 Mon Sep 17 00:00:00 2001 From: Peter Turcsanyi Date: Fri, 9 Feb 2024 18:48:32 +0100 Subject: [PATCH] NIFI-12766 Fixed Region handling for AWS Assume Role Credentials This closes #8382 Signed-off-by: David Handermann --- .../factory/strategies/AssumeRoleCredentialsStrategy.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java b/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java index c662a38284..4fa8a76478 100644 --- a/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java +++ b/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java @@ -178,12 +178,13 @@ public class AssumeRoleCredentialsStrategy extends AbstractCredentialsStrategy { AWSSecurityTokenServiceClientBuilder securityTokenServiceBuilder = AWSSecurityTokenServiceClient.builder() .withCredentials(primaryCredentialsProvider) - .withRegion(assumeRoleSTSRegion) .withClientConfiguration(config); if (assumeRoleSTSEndpoint != null && !assumeRoleSTSEndpoint.isEmpty()) { AwsClientBuilder.EndpointConfiguration endpointConfiguration = new AwsClientBuilder.EndpointConfiguration(assumeRoleSTSEndpoint, assumeRoleSTSRegion); securityTokenServiceBuilder.withEndpointConfiguration(endpointConfiguration); + } else { + securityTokenServiceBuilder.withRegion(assumeRoleSTSRegion); } STSAssumeRoleSessionCredentialsProvider.Builder builder = new STSAssumeRoleSessionCredentialsProvider.Builder(assumeRoleArn, assumeRoleName)