(nifi) branch main updated: NIFI-12766 Fixed Region handling for AWS Assume Role Credentials

Mon, 12 Feb 2024 16:05:26 -0800 

This is an automated email from the ASF dual-hosted git repository.

exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git


The following commit(s) were added to refs/heads/main by this push:
     new 9ba68edb5f NIFI-12766 Fixed Region handling for AWS Assume Role 
Credentials
9ba68edb5f is described below

commit 9ba68edb5fc39fb63fb745f81fac1f2030f761e0
Author: Peter Turcsanyi <turcsa...@apache.org>
AuthorDate: Fri Feb 9 18:48:32 2024 +0100

    NIFI-12766 Fixed Region handling for AWS Assume Role Credentials
    
    This closes #8382
    
    Signed-off-by: David Handermann <exceptionfact...@apache.org>
---
 .../provider/factory/strategies/AssumeRoleCredentialsStrategy.java     | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git 
a/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java
 
b/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java
index c662a38284..4fa8a76478 100644
--- 
a/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java
+++ 
b/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java
@@ -178,12 +178,13 @@ public class AssumeRoleCredentialsStrategy extends 
AbstractCredentialsStrategy {
 
         AWSSecurityTokenServiceClientBuilder securityTokenServiceBuilder = 
AWSSecurityTokenServiceClient.builder()
                 .withCredentials(primaryCredentialsProvider)
-                .withRegion(assumeRoleSTSRegion)
                 .withClientConfiguration(config);
 
         if (assumeRoleSTSEndpoint != null && !assumeRoleSTSEndpoint.isEmpty()) 
{
             AwsClientBuilder.EndpointConfiguration endpointConfiguration = new 
AwsClientBuilder.EndpointConfiguration(assumeRoleSTSEndpoint, 
assumeRoleSTSRegion);
             
securityTokenServiceBuilder.withEndpointConfiguration(endpointConfiguration);
+        } else {
+            securityTokenServiceBuilder.withRegion(assumeRoleSTSRegion);
         }
 
         STSAssumeRoleSessionCredentialsProvider.Builder builder = new 
STSAssumeRoleSessionCredentialsProvider.Builder(assumeRoleArn, assumeRoleName)

Reply via email to