Merge branch 'pr/19556-use-DefaultAWSCredentialsProviderChain'

plugins/discovery-ec2/build.gradle

@@ -45,10 +45,6 @@ dependencyLicenses {
 test {
   // this is needed for insecure plugins, remove if possible!
   systemProperty 'tests.artifact', project.name
-  // this could be needed by AwsEc2ServiceImplTests#testAWSCredentialsWithSystemProviders()
-  // As it's marked as Ignored for now, we can comment those
-  // systemProperty 'aws.accessKeyId', 'DUMMY_ACCESS_KEY'
-  // systemProperty 'aws.secretKey', 'DUMMY_SECRET_KEY'
 }
 
 thirdPartyAudit.excludes = [

plugins/discovery-ec2/src/main/java/org/elasticsearch/cloud/aws/AwsEc2ServiceImpl.java

@@ -23,11 +23,8 @@ import com.amazonaws.AmazonClientException;
 import com.amazonaws.AmazonWebServiceRequest;
 import com.amazonaws.ClientConfiguration;
 import com.amazonaws.auth.AWSCredentialsProvider;
-import com.amazonaws.auth.AWSCredentialsProviderChain;
 import com.amazonaws.auth.BasicAWSCredentials;
-import com.amazonaws.auth.EnvironmentVariableCredentialsProvider;
+import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
-import com.amazonaws.auth.InstanceProfileCredentialsProvider;
-import com.amazonaws.auth.SystemPropertiesCredentialsProvider;
 import com.amazonaws.http.IdleConnectionReaper;
 import com.amazonaws.internal.StaticCredentialsProvider;
 import com.amazonaws.retry.RetryPolicy;
@@ -81,16 +78,10 @@ public class AwsEc2ServiceImpl extends AbstractLifecycleComponent implements Aws
         String secret = CLOUD_EC2.SECRET_SETTING.get(settings);
         if (key.isEmpty() && secret.isEmpty()) {
             logger.debug("Using either environment variables, system properties or instance profile credentials");
-            credentials = new AWSCredentialsProviderChain(
+            credentials = new DefaultAWSCredentialsProviderChain();
-                new EnvironmentVariableCredentialsProvider(),
-                new SystemPropertiesCredentialsProvider(),
-                new InstanceProfileCredentialsProvider()
-            );
         } else {
             logger.debug("Using basic key/secret credentials");
-            credentials = new AWSCredentialsProviderChain(
+            credentials = new StaticCredentialsProvider(new BasicAWSCredentials(key, secret));
-                new StaticCredentialsProvider(new BasicAWSCredentials(key, secret))
-            );
         }
 
         return credentials;

plugins/discovery-ec2/src/test/java/org/elasticsearch/cloud/aws/AwsEc2ServiceImplTests.java

@@ -23,22 +23,20 @@ import com.amazonaws.ClientConfiguration;
 import com.amazonaws.Protocol;
 import com.amazonaws.auth.AWSCredentials;
 import com.amazonaws.auth.AWSCredentialsProvider;
+import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.test.ESTestCase;
 
 import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.instanceOf;
 import static org.hamcrest.Matchers.is;
 import static org.hamcrest.Matchers.nullValue;
 
 public class AwsEc2ServiceImplTests extends ESTestCase {
 
-    @AwaitsFix(bugUrl = "https://github.com/elastic/elasticsearch/issues/19556")
     public void testAWSCredentialsWithSystemProviders() {
         AWSCredentialsProvider credentialsProvider = AwsEc2ServiceImpl.buildCredentials(logger, Settings.EMPTY);
-
+        assertThat(credentialsProvider, instanceOf(DefaultAWSCredentialsProviderChain.class));
-        AWSCredentials credentials = credentialsProvider.getCredentials();
-        assertThat(credentials.getAWSAccessKeyId(), is("DUMMY_ACCESS_KEY"));
-        assertThat(credentials.getAWSSecretKey(), is("DUMMY_SECRET_KEY"));
     }
 
     public void testAWSCredentialsWithElasticsearchAwsSettings() {

plugins/repository-s3/build.gradle

@@ -51,10 +51,6 @@ dependencyLicenses {
 test {
   // this is needed for insecure plugins, remove if possible!
   systemProperty 'tests.artifact', project.name
-  // this could be needed by AwsS3ServiceImplTests#testAWSCredentialsWithSystemProviders()
-  // As it's marked as Ignored for now, we can comment those
-  // systemProperty 'aws.accessKeyId', 'DUMMY_ACCESS_KEY'
-  // systemProperty 'aws.secretKey', 'DUMMY_SECRET_KEY'
 }
 
 thirdPartyAudit.excludes = [

plugins/repository-s3/src/main/java/org/elasticsearch/cloud/aws/InternalAwsS3Service.java

@@ -22,11 +22,8 @@ package org.elasticsearch.cloud.aws;
 import com.amazonaws.ClientConfiguration;
 import com.amazonaws.Protocol;
 import com.amazonaws.auth.AWSCredentialsProvider;
-import com.amazonaws.auth.AWSCredentialsProviderChain;
 import com.amazonaws.auth.BasicAWSCredentials;
-import com.amazonaws.auth.EnvironmentVariableCredentialsProvider;
+import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
-import com.amazonaws.auth.InstanceProfileCredentialsProvider;
-import com.amazonaws.auth.SystemPropertiesCredentialsProvider;
 import com.amazonaws.http.IdleConnectionReaper;
 import com.amazonaws.internal.StaticCredentialsProvider;
 import com.amazonaws.services.s3.AmazonS3;
@@ -36,7 +33,6 @@ import org.elasticsearch.ElasticsearchException;
 import org.elasticsearch.common.Strings;
 import org.elasticsearch.common.collect.Tuple;
 import org.elasticsearch.common.component.AbstractLifecycleComponent;
-import org.elasticsearch.common.inject.Inject;
 import org.elasticsearch.common.logging.ESLogger;
 import org.elasticsearch.common.settings.Settings;
 
@@ -122,19 +118,12 @@ public class InternalAwsS3Service extends AbstractLifecycleComponent implements
 
     public static AWSCredentialsProvider buildCredentials(ESLogger logger, String key, String secret) {
         AWSCredentialsProvider credentials;
-
         if (key.isEmpty() && secret.isEmpty()) {
             logger.debug("Using either environment variables, system properties or instance profile credentials");
-            credentials = new AWSCredentialsProviderChain(
+            credentials = new DefaultAWSCredentialsProviderChain();
-                new EnvironmentVariableCredentialsProvider(),
-                new SystemPropertiesCredentialsProvider(),
-                new InstanceProfileCredentialsProvider()
-            );
         } else {
             logger.debug("Using basic key/secret credentials");
-            credentials = new AWSCredentialsProviderChain(
+            credentials = new StaticCredentialsProvider(new BasicAWSCredentials(key, secret));
-                new StaticCredentialsProvider(new BasicAWSCredentials(key, secret))
-            );
         }
 
         return credentials;

plugins/repository-s3/src/test/java/org/elasticsearch/cloud/aws/AwsS3ServiceImplTests.java

@@ -23,22 +23,20 @@ import com.amazonaws.ClientConfiguration;
 import com.amazonaws.Protocol;
 import com.amazonaws.auth.AWSCredentials;
 import com.amazonaws.auth.AWSCredentialsProvider;
+import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
 import org.elasticsearch.common.settings.Settings;
 import org.elasticsearch.repositories.s3.S3Repository;
 import org.elasticsearch.test.ESTestCase;
 
 import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.instanceOf;
 import static org.hamcrest.Matchers.is;
 
 public class AwsS3ServiceImplTests extends ESTestCase {
 
-    @AwaitsFix(bugUrl = "https://github.com/elastic/elasticsearch/issues/19556")
     public void testAWSCredentialsWithSystemProviders() {
         AWSCredentialsProvider credentialsProvider = InternalAwsS3Service.buildCredentials(logger, "", "");
-
+        assertThat(credentialsProvider, instanceOf(DefaultAWSCredentialsProviderChain.class));
-        AWSCredentials credentials = credentialsProvider.getCredentials();
-        assertThat(credentials.getAWSAccessKeyId(), is("DUMMY_ACCESS_KEY"));
-        assertThat(credentials.getAWSSecretKey(), is("DUMMY_SECRET_KEY"));
     }
 
     public void testAWSCredentialsWithElasticsearchAwsSettings() {