Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix get aws creds from environment #3617

Merged
merged 2 commits into from
Nov 28, 2024
Merged

fix get aws creds from environment #3617

merged 2 commits into from
Nov 28, 2024

Conversation

famarting
Copy link
Contributor

Description

fixes a bug introduced here https://github.com/dapr/components-contrib/pull/3591/files#diff-017233cbc5865ed02ab3eacc4bc99b36ced96fcaf3420176e41d414444e41bc9

previously it was possible to get an aws session without providing access key and secret key, and we would pick the credentials from the environment. But since that PR, specifically because of this

func newStaticIAM(_ context.Context, opts Options, cfg *aws.Config) (*StaticAuth, error) {
	auth := &StaticAuth{
		logger:        opts.Logger,
		region:        &opts.Region,
		endpoint:      &opts.Endpoint,
		accessKey:     &opts.AccessKey,
		secretKey:     &opts.SecretKey,
		sessionToken:  &opts.SessionToken,
		assumeRoleARN: &opts.AssumeRoleARN,
		sessionName:   &opts.SessionName,

and the later check

if a.accessKey != nil && a.secretKey != nil {
		// session token is an option field
		awsConfig = awsConfig.WithCredentials(credentials.NewStaticCredentials(*a.accessKey, *a.secretKey, *a.sessionToken))
	}

that would always think that access key and secret key are available, despite of them having a value or not

this can cause this error from aws

EmptyStaticCreds: static credentials are empty 0xc0003f8600

Issue reference

We strive to have all PR being opened based on an issue, where the problem or feature have been discussed prior to implementation.

Please reference the issue this PR will close: #[issue number]

Checklist

Please make sure you've completed the relevant tasks for this PR, out of the following list:

@famarting
fix get aws creds from environment
c8d900a 
Signed-off-by: Fabian Martinez <[email protected]>
@famarting famarting requested review from a team as code owners November 28, 2024 12:57
elena-kolevska
elena-kolevska previously approved these changes Nov 28, 2024
View reviewed changes
@famarting
fix nil session token
9b12903 
Signed-off-by: Fabian Martinez <[email protected]>
@famarting
Copy link
Contributor Author

ready again @elena-kolevska

@yaron2 yaron2 merged commit 1e095ed into dapr:main Nov 28, 2024
90 checks passed
@famarting famarting deleted the fix-aws-creds-from-env branch November 28, 2024 15:58
@marcduiker
Copy link
Contributor

@holopin-bot @famarting Thank you Fabian!

@holopin-bot Holopin Bot
Copy link

holopin-bot bot commented Dec 3, 2024

Congratulations @famarting, the maintainer of this repository has issued you a badge! Here it is: https://holopin.io/claim/cm4879nr021760cjm9hpdz0b1

This badge can only be claimed by you, so make sure that your GitHub account is linked to your Holopin account. You can manage those preferences here: https://holopin.io/account.
Or if you're new to Holopin, you can simply sign up with GitHub, which will do the trick!

This was referenced Dec 4, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yaron2 yaron2 yaron2 approved these changes

@JoshVanL JoshVanL JoshVanL approved these changes

@elena-kolevska elena-kolevska elena-kolevska left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@famarting @marcduiker @elena-kolevska @JoshVanL @yaron2