You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by ex...@apache.org on 2024/02/13 00:05:21 UTC

(nifi) branch main updated: NIFI-12766 Fixed Region handling for AWS Assume Role Credentials

This is an automated email from the ASF dual-hosted git repository.

exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git


The following commit(s) were added to refs/heads/main by this push:
     new 9ba68edb5f NIFI-12766 Fixed Region handling for AWS Assume Role Credentials
9ba68edb5f is described below

commit 9ba68edb5fc39fb63fb745f81fac1f2030f761e0
Author: Peter Turcsanyi <tu...@apache.org>
AuthorDate: Fri Feb 9 18:48:32 2024 +0100

    NIFI-12766 Fixed Region handling for AWS Assume Role Credentials
    
    This closes #8382
    
    Signed-off-by: David Handermann <ex...@apache.org>
---
 .../provider/factory/strategies/AssumeRoleCredentialsStrategy.java     | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java b/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java
index c662a38284..4fa8a76478 100644
--- a/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java
+++ b/nifi-nar-bundles/nifi-aws-bundle/nifi-aws-processors/src/main/java/org/apache/nifi/processors/aws/credentials/provider/factory/strategies/AssumeRoleCredentialsStrategy.java
@@ -178,12 +178,13 @@ public class AssumeRoleCredentialsStrategy extends AbstractCredentialsStrategy {
 
         AWSSecurityTokenServiceClientBuilder securityTokenServiceBuilder = AWSSecurityTokenServiceClient.builder()
                 .withCredentials(primaryCredentialsProvider)
-                .withRegion(assumeRoleSTSRegion)
                 .withClientConfiguration(config);
 
         if (assumeRoleSTSEndpoint != null && !assumeRoleSTSEndpoint.isEmpty()) {
             AwsClientBuilder.EndpointConfiguration endpointConfiguration = new AwsClientBuilder.EndpointConfiguration(assumeRoleSTSEndpoint, assumeRoleSTSRegion);
             securityTokenServiceBuilder.withEndpointConfiguration(endpointConfiguration);
+        } else {
+            securityTokenServiceBuilder.withRegion(assumeRoleSTSRegion);
         }
 
         STSAssumeRoleSessionCredentialsProvider.Builder builder = new STSAssumeRoleSessionCredentialsProvider.Builder(assumeRoleArn, assumeRoleName)