Extract AWS Key from KeyChain instead of using potential null value #19557
Assignees
Labels
Comments
dadoonet
added a commit
to dadoonet/elasticsearch
that referenced
this issue
Jul 28, 2016
While I was working on elastic#18703, I discovered a bad behavior when people don't provide AWS key/secret as part as their `elasticsearch.yml` but rely on SysProps or env. variables... In [`InternalAwsS3Service#getClient(...)`](https://github.com/elastic/elasticsearch/blob/d4366f8493ac8d2f7091404ffd346e4f3c0f9af9/plugins/repository-s3/src/main/java/org/elasticsearch/cloud/aws/InternalAwsS3Service.java#L76-L141), we have: ```java Tuple<String, String> clientDescriptor = new Tuple<>(endpoint, account); AmazonS3Client client = clients.get(clientDescriptor); ``` But if people don't provide credentials, `account` is `null`. Even if it actually could work, I think that we should use the `AWSCredentialsProvider` we create later on and extract from it the `account` (AWS KEY actually) and then use it as the second value of the tuple. Closes elastic#19557.
clintongormley
added
:Distributed/Snapshot/Restore
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
While I was working on #18703, I discovered a bad behavior when people don't provide AWS key/secret as part as their
elasticsearch.ymlbut rely on SysProps or env. variables...In
InternalAwsS3Service#getClient(...), we have:But if people don't provide credentials,
accountisnull.Even if it actually could work, I think that we should use the
AWSCredentialsProviderwe create later on and extract from it theaccount(AWS KEY actually) and then use it as the second value of the tuple.The text was updated successfully, but these errors were encountered: