Prevent S3 URL presigning from generating a remote request span #1494
Conversation
|
@marcotc congrats on getting the AWS SDK updated as well, this looks great. We're fine with this solution, or one where a AWS SDK minimum version is required. |
There was a problem hiding this comment.
I think this is good to go, one small nit in code comments, not blocking though.
It looks like your upstream PR got merged but aws doesn't cut a new release that frequently, however in the future we may want to revist this and rely on the upstream approach of checking context[:presigned_url] for relevant versions.
Co-authored-by: Eric Mustin <eric.mustin@datadoghq.com>
It would be nice. I'll add a comment referencing the easier way to do it in the code. |
Fixes #922
This PR addresses
ddtracecapturing a "fake" S3 request that the AWS S3 SDK reports when presigning a request URL.Presigned URLs give users a pre-authenticated URL to be used in the future to retrieve data from S3, but they do not preform any data retrieval to get created.
The Ruby S3 SDK performs a "fake" request internally to generated a presigned URL: it creates an S3
get_objectrequest, sends it through the regular request handler (one of which beingDatadog::Contrib::Aws::Handler), but hijacks the "data send" step at the end by not actually sending the request.Unfortunately, there's no data we can use to differentiate between a real request and a fake request in our
ddtracehandler. I've opened a PR with AWS to provide us with that information, so we can simplify the logic from this PR in the future: aws/aws-sdk-ruby#2513This PR effectively removes our request handler from these fake presign requests, the same approach taken internally by the S3 SDK for some of its own handlers that do not play nice with the fake presign request: https://github.com/aws/aws-sdk-ruby/blob/656691b470bb970627286cf1df2bd84049b6787d/gems/aws-sdk-s3/lib/aws-sdk-s3/presigner.rb#L194-L196