You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "iain smith (Jira)" <ji...@apache.org> on 2022/06/21 12:21:00 UTC

[jira] (NIFI-7900) Add AWS session token to AWSCredentialsProvider

    [ https://issues.apache.org/jira/browse/NIFI-7900 ]


    iain smith deleted comment on NIFI-7900:
    ----------------------------------

was (Author: JIRAUSER291337):
This really should be supported for Nifi running on EC2 instances... we should not have to create an IAM user with static API keys for Nifi to use, when the EC2 already provides local API credentials which are more secure (ie. regularly auto-rotated, and not likely to set off irritating security non-compliance alerts!)

> Add AWS session token to AWSCredentialsProvider
> -----------------------------------------------
>
>                 Key: NIFI-7900
>                 URL: https://issues.apache.org/jira/browse/NIFI-7900
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Extensions
>    Affects Versions: 1.9.2, 1.12.1
>            Reporter: Jody
>            Assignee: Peter Turcsanyi
>            Priority: Major
>
> As a NiFi user, I want to use AWS processors, e.g. PutS3Object processor, with temporary credentials to allow connecting to secure AWS environments that make use of the AWS Security Token Service. 
>  
> The NiFi AWSCredentialsProviderControllerService is giving an option to add the required fields for using temporary credentials. While access key id and secret access key properties can be configured, the property "session token" is not available. The session token property must be provided when temporary credentials are used. If the session token is not presented, an error will be thrown: "The AWS Access Key Id you provided does not exist in our records. (Service: Amazon S3; Status Code: 403; Error Code: InvalidAccessKeyId"



--
This message was sent by Atlassian Jira
(v8.20.7#820007)