NIFI-12766 Fixed Region handling for AWS Assume Role Credentials

This closes #8382

Signed-off-by: David Handermann <exceptionfactory@apache.org>
This commit is contained in:
Peter Turcsanyi 2024-02-09 18:48:32 +01:00 committed by exceptionfactory
parent 6243d00158
commit 9ba68edb5f
No known key found for this signature in database
1 changed files with 2 additions and 1 deletions

View File

@ -178,12 +178,13 @@ public class AssumeRoleCredentialsStrategy extends AbstractCredentialsStrategy {
AWSSecurityTokenServiceClientBuilder securityTokenServiceBuilder = AWSSecurityTokenServiceClient.builder() AWSSecurityTokenServiceClientBuilder securityTokenServiceBuilder = AWSSecurityTokenServiceClient.builder()
.withCredentials(primaryCredentialsProvider) .withCredentials(primaryCredentialsProvider)
.withRegion(assumeRoleSTSRegion)
.withClientConfiguration(config); .withClientConfiguration(config);
if (assumeRoleSTSEndpoint != null && !assumeRoleSTSEndpoint.isEmpty()) { if (assumeRoleSTSEndpoint != null && !assumeRoleSTSEndpoint.isEmpty()) {
AwsClientBuilder.EndpointConfiguration endpointConfiguration = new AwsClientBuilder.EndpointConfiguration(assumeRoleSTSEndpoint, assumeRoleSTSRegion); AwsClientBuilder.EndpointConfiguration endpointConfiguration = new AwsClientBuilder.EndpointConfiguration(assumeRoleSTSEndpoint, assumeRoleSTSRegion);
securityTokenServiceBuilder.withEndpointConfiguration(endpointConfiguration); securityTokenServiceBuilder.withEndpointConfiguration(endpointConfiguration);
} else {
securityTokenServiceBuilder.withRegion(assumeRoleSTSRegion);
} }
STSAssumeRoleSessionCredentialsProvider.Builder builder = new STSAssumeRoleSessionCredentialsProvider.Builder(assumeRoleArn, assumeRoleName) STSAssumeRoleSessionCredentialsProvider.Builder builder = new STSAssumeRoleSessionCredentialsProvider.Builder(assumeRoleArn, assumeRoleName)