Skip to content

Add aws default credentials provider #3842

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
CTMBNara merged 16 commits into from
Apr 25, 2025
Merged

Add aws default credentials provider #3842

CTMBNara merged 16 commits into from
Apr 25, 2025
+63 −15

Conversation

@ianwow
Copy link
Contributor

@ianwow ianwow commented Mar 17, 2025

🔧 Type of changes

  • new bid adapter
  • bid adapter update
  • new feature
  • new analytics adapter
  • new module
  • module update
  • bugfix
  • documentation
  • configuration
  • dependency update
  • tech debt (test coverage, refactorings, etc.)

✨ What's the context?

Currently, the S3 integration for prebid-server-java requires AWS credentials to be explicitly defined in the config yaml file. The SettingsConfiguration class in PBS Java uses AwsBasicCredentials to authenticate S3 requests, making credential storage in the YAML file mandatory. However, this is not good practice for credential management. This PR adds another credentials provider that will look for credentials in this order:

  • Java System Properties
  • Environment Variables
  • Web Identity Token
  • AWS credentials file (~/.aws/credentials)
  • ECS container credentials
  • EC2 instance profile

🧠 Rationale behind the change

So that S3 integration can be used with the recommended practices for AWS credential management.

🧪 Test plan

  • If accessKeyId and secretAccessKey are provided in the config yaml file, then verify that they are still used.
  • If they are not provided in the config yaml file, then verify that AWS credentials are found in the order described above.

🏎 Quality check

  • [ x ] Are your changes following our code style guidelines?
  • [ no ] Are there any breaking changes in your code?
  • [ yes ] Does your test coverage exceed 90%?
  • [ no ] Are there any erroneous console logs, debuggers or leftover code in your changes?

@Net-burst Net-burst requested a review from osulzhenko March 19, 2025 13:23
muuki88
muuki88 previously approved these changes Mar 21, 2025
View reviewed changes
Copy link
Contributor

@muuki88 muuki88 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is great. Thanks for improving this feature 😊

osulzhenko
osulzhenko previously approved these changes Mar 25, 2025
View reviewed changes
CTMBNara
CTMBNara requested changes Apr 1, 2025
View reviewed changes
@ianwow ianwow dismissed stale reviews from muuki88 and osulzhenko via 7c5f309 April 2, 2025 22:48
@ianwow ianwow requested a review from CTMBNara April 3, 2025 04:35
ianwow added 9 commits April 3, 2025 09:08
@ianwow
Merge branch 'prebid:master' into add_aws_default_credentials_provider
f8bda49
@ianwow
noop
ed2043f
@ianwow
relax execution time assertion in HookStageExecutorTest
afcc31a 
The "HookStageExecutorTest#shouldExecuteEntrypointHooksToleratingTimeoutAndFailedFuture" test has been failing intermittently due to strict time boundaries (50-70ms) 
for hook execution. This commit increases the acceptable range to account for slight variations in execution time across different environments.

- Previous range: 50-70ms
- New range: 50-80ms
@ianwow
Merge branch 'prebid:master' into add_aws_default_credentials_provider
1c617c8
@ianwow
noop
9b682c2
@ianwow
Merge branch 'prebid:master' into add_aws_default_credentials_provider
9c40733
@ianwow
refactor s3AsyncClient
a6fa0a7 
Adopting feedback from PR. prebid#3842 (comment)
@ianwow
remove trailing spaces
8ed22cc
@ianwow
remove unused import
af2fdba
@CTMBNara CTMBNara merged commit c191cd5 into prebid:master Apr 25, 2025
7 of 8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@muuki88 muuki88 muuki88 approved these changes

@CTMBNara CTMBNara CTMBNara approved these changes

@osulzhenko osulzhenko osulzhenko left review comments

Assignees

@ianwow ianwow

Labels

do not port

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ianwow @muuki88 @CTMBNara @osulzhenko