[ 
https://issues.apache.org/jira/browse/NIFI-786?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15144946#comment-15144946
 ] 

Jason Brown edited comment on NIFI-786 at 2/12/16 7:51 PM:
-----------------------------------------------------------

The new AWSCredentialsProviderControllerService [NIFI-1325] accomodates assumed 
roles.

It will use the Default Credential Provider Chain if no value is set for any of 
its properties. However this is not documented well.


was (Author: vpipkt):
The new AWSCredentialsProviderControllerService see NIFI-1325 will use the 
Default Credential Provider Chain if no value is set for any of its properties. 
However this is not documented well.

> Add other supporting options for configuring credentials for AWS processors
> ---------------------------------------------------------------------------
>
>                 Key: NIFI-786
>                 URL: https://issues.apache.org/jira/browse/NIFI-786
>             Project: Apache NiFi
>          Issue Type: Improvement
>    Affects Versions: 0.3.0
>            Reporter: Michael Kobit
>            Priority: Minor
>
> I was looking at https://issues.apache.org/jira/browse/NIFI-770 and looked at 
> how the AWS processors credentials are currently configured. As a NFM you 
> have a few options with the properties right now:
> 1) set basic, static credentials
> 2) set a credentials properties filepath
> 3) set neither, use anonymous credentials
> I think it would be better if each AWS could rely on a ControllerService that 
> returns `AWSCredentialsProvider` (instead of  `AWSCredentials`) that gives 
> all of the possible implementations that could be used, rather than relying 
> on a static credentials. *Provider implementations can be refreshed and can 
> also  other more complicated implementations, but already have built in 
> support for the Static and Properties file that are provided by NiFi today.
> My thinking is that the controller service would be something like
> public interface AwsCredentialsProviderService extends ControllerService {
>       AWSCredentialsProvider getCredentialsProvider();
> }
> and you could have `StaticAwsCredentialsProviderService`, 
> `PropertiesFileAwsCredentialsProviderService`, and 
> `AnonymousAwsCredentialsProviderService` to provide the functionality that is 
> supported right now. Additional credential providers could be added later, as 
> there a bunch more AWS provided versions that I think could fit in well.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to