Skip to content

Add aws default credentials provider v2 #3901

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
ianwow wants to merge 2 commits into from
Closed

Add aws default credentials provider v2 #3901

ianwow wants to merge 2 commits into from

Conversation

@ianwow
Copy link
Contributor

@ianwow ianwow commented Apr 8, 2025

🔧 Type of changes

  • new bid adapter
  • bid adapter update
  • new feature
  • new analytics adapter
  • new module
  • module update
  • bugfix
  • documentation
  • configuration
  • dependency update
  • tech debt (test coverage, refactorings, etc.)

✨ What's the context?

Currently, the S3 integration for prebid-server-java requires AWS credentials to be explicitly defined in the config yaml file. The SettingsConfiguration class in PBS Java uses AwsBasicCredentials to authenticate S3 requests, making credential storage in the YAML file mandatory. However, this is not good practice for credential management. This PR adds another credentials provider that will look for credentials in this order:

  • Java System Properties
  • Environment Variables
  • Web Identity Token
  • AWS credentials file (~/.aws/credentials)
  • ECS container credentials
  • EC2 instance profile

🧠 Rationale behind the change

So that S3 integration can be used with the recommended practices for AWS credential management.

🧪 Test plan

  • If accessKeyId and secretAccessKey are provided in the config yaml file, then verify that they are still used.
  • If they are not provided in the config yaml file, then verify that AWS credentials are found in the order described above.

🏎 Quality check

  • [ x ] Are your changes following our code style guidelines?
  • [ no ] Are there any breaking changes in your code?
  • [ yes ] Does your test coverage exceed 90%?
  • [ no ] Are there any erroneous console logs, debuggers or leftover code in your changes?

EC2 Default User added 2 commits April 8, 2025 16:40
add AWS default credentials provider
eb8c30d
fix: adjust hook execution time assertion range in HookStageExecutorTest
8c4c61b 
The test was failing intermittently due to strict time boundaries (50-70ms)
for hook execution. Widened the acceptable range to account for slight
variations in execution time across different environments.

- Previous range: 50-70ms
- New range: 50-80ms

Test: HookStageExecutorTest#shouldExecuteEntrypointHooksToleratingTimeoutAndFailedFuture
@ianwow ianwow closed this Apr 8, 2025
@ianwow ianwow deleted the add_aws_default_credentials_provider_v2 branch April 8, 2025 20:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ianwow