Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS Web Identity / IRSA Support #10541

Merged
merged 5 commits into from
Jan 25, 2021
Merged

AWS Web Identity / IRSA Support #10541

merged 5 commits into from
Jan 25, 2021

Conversation

himadrisingh
Copy link
Contributor

Description

Added the latest AWS Web Identity Token Support for Druid.
Required fro IAM Roles for Service Account on kubernetes.

Updated AWS Credential Provider in the same order which AWS SDK does.

This PR has:

  • been self-reviewed.
  • added documentation for new or modified features or behaviors.
  • added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links.
  • added or updated version, license, or notice information in licenses.yaml
  • added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader.
  • added unit tests or modified existing tests to cover new code paths, ensuring the threshold for code coverage is met.
  • added integration tests.
  • been tested in a test Druid cluster.

nishantmonu51
nishantmonu51 approved these changes Oct 30, 2020
View reviewed changes
Copy link
Member

@nishantmonu51 nishantmonu51 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 ,
Please also make a small change to the doc here https://druid.apache.org/docs/latest/development/extensions-core/kinesis-ingestion.html#aws-authentication and mention WebIdentity token as well.

@himanshug
Copy link
Contributor

+1 after the build

@himadrisingh himadrisingh reopened this Nov 30, 2020
clintropolis
clintropolis approved these changes Dec 2, 2020
View reviewed changes
Copy link
Member

@clintropolis clintropolis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

travis is complaining about test coverage, but not sure what a meaningful test on AWSCredentialsUtils looks like heh

@himanshug
Copy link
Contributor

hmmmm, yeah maybe just exclude it from coverage , @himadrisingh you can exclude that at https://github.com/apache/druid/blob/master/pom.xml#L1280

@pjain1 pjain1 merged commit 1c1b396 into apache:master Jan 25, 2021
@himadrisingh himadrisingh deleted the aws-web-identity-support branch January 25, 2021 13:31
@suneet-s suneet-s mentioned this pull request Apr 12, 2021
Closed
8 tasks
@mitchlloyd mitchlloyd mentioned this pull request Apr 30, 2021
Closed
2 tasks
@clintropolis clintropolis added this to the 0.22.0 milestone Aug 12, 2021
@clintropolis clintropolis mentioned this pull request Sep 3, 2021
Closed
@niravpeak niravpeak mentioned this pull request Jan 22, 2022
Closed
@didip
Copy link
Contributor

didip commented Mar 5, 2022

@himadrisingh do you happen to know why aws-java-sdk-sts.jar doesn't exist on lib/ folder?

didip added a commit to didip/druid that referenced this pull request Mar 17, 2022
@didip
Make AWS WebIdentityToken actually working and usable from inside EKS.
3e8612c 
Original PR: apache#10541 doesn’t work.
This PR addresses 2 of its issues:

1. Missing aws-java-sdk-sts.jar

2. applyAssumeRole function interferes with default s3Builder client behavior.
@didip didip mentioned this pull request Mar 17, 2022
Closed
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@clintropolis clintropolis clintropolis approved these changes

@nishantmonu51 nishantmonu51 nishantmonu51 approved these changes

Assignees
No one assigned
Labels
Area - Dependencies
Projects
None yet
Milestone
0.22.0
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@himadrisingh @himanshug @didip @clintropolis @nishantmonu51 @pjain1