New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS: avoid static global credentials provider which doesn't play well with lifecycle management #8677
AWS: avoid static global credentials provider which doesn't play well with lifecycle management #8677
Conversation
…tCredentialsProvider.create()` to avoid sharing the same credentials provider across multiple clients
@Kontinuation thx for the fix. LGTM. I updated the subject. will leave it for a couple of days for others to review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thank you for the fix
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this is a reasonable fix for the problem at hand. Thanks @Kontinuation !
The only aspect I wonder about is how much benefit we even get from sharing HTTP clients between different service clients (in this case, between STS and S3). The main benefit of sharing HTTP clients is connection pooling; S3 and STS have different endpoints thus sharing HTTP clients between S3 and STS clients won't add any value.
Anyways that's orthogonal to the problem at hand, but just happened to surface to me as part of the debugging of this problem (again thanks @Kontinuation for the in depth analysis of the problem)
…provider for each client
thanks @Kontinuation for the root cause analysis and the fix. Thanks @dramaticlly @amogh-jahagirdar @danielcweeks for reviews |
… with lifecycle management (#8677)
… with lifecycle management (apache#8677)
Fixes #8601
It replaces
DefaultCredentialsProvider.create()
withDefaultCredentialsProvider.builder().build()
to avoid sharing the same credentials provider across multiple clients.This PR changes 3 places calling
DefaultCredentialsProvider.create()
, and adds one test forAwsCredentialsProvider.credentialsProvider
. The other two are deprecated so no tests were added for them.