[ https://issues.apache.org/jira/browse/NIFI-7900?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17556793#comment-17556793 ]
iain smith edited comment on NIFI-7900 at 6/21/22 11:02 AM: ------------------------------------------------------------ I've just noticed on [https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-aws-nar/1.15.3/org.apache.nifi.processors.aws.credentials.provider.service.AWSCredentialsProviderControllerService/index.html] "Uses default credentials without configuration. Default credentials support EC2 instance profile/role, default user profile, environment variables, etc" Is using the temporary credentials from an EC2 instance profile/role already supported? (going to test this) was (Author: JIRAUSER291337): I've just noticed on [https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-aws-nar/1.15.3/org.apache.nifi.processors.aws.credentials.provider.service.AWSCredentialsProviderControllerService/index.html] "Uses default credentials without configuration. Default credentials support EC2 instance profile/role, default user profile, environment variables, etc" Is using the temporary credentials from an EC2 instance profile/role already supported? If so, should they be being automatically detected and used as long as no key id / access key is configured in nifi? > Add AWS session token to AWSCredentialsProvider > ----------------------------------------------- > > Key: NIFI-7900 > URL: https://issues.apache.org/jira/browse/NIFI-7900 > Project: Apache NiFi > Issue Type: Improvement > Components: Extensions > Affects Versions: 1.9.2, 1.12.1 > Reporter: Jody > Assignee: Peter Turcsanyi > Priority: Major > > As a NiFi user, I want to use AWS processors, e.g. PutS3Object processor, > with temporary credentials to allow connecting to secure AWS environments > that make use of the AWS Security Token Service. > > The NiFi AWSCredentialsProviderControllerService is giving an option to add > the required fields for using temporary credentials. While access key id and > secret access key properties can be configured, the property "session token" > is not available. The session token property must be provided when temporary > credentials are used. If the session token is not presented, an error will be > thrown: "The AWS Access Key Id you provided does not exist in our records. > (Service: Amazon S3; Status Code: 403; Error Code: InvalidAccessKeyId" -- This message was sent by Atlassian Jira (v8.20.7#820007)