-
Notifications
You must be signed in to change notification settings - Fork 50
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
46 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
{ | ||
"id": "0b5b53ab-70c0-4c1b-a445-8663ae86d6d1", | ||
"type": "misc", | ||
"description": "Change precedence of profile chain to: Static credentials, Assume role with source profile OR Assume role with naned provider, Web identity token, SSO session, Legacy SSO, Process" | ||
"description": "The order of credentials resolution in config files has been updated to: static credentials, assume role with source profile OR assume role with named provider, web identity token, SSO session, legacy SSO, process" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
{ | ||
"id": "99a099e1-26c1-4ba1-b0d3-435609ea4e94", | ||
"type": "misc", | ||
"description": "Change order of credentials provider chain to: System properties, Environment variables, Web identity tokens, Profile, ECS, EC2" | ||
"description": "The order of credentials resolution in the credentials provider chain has been updated to: system properties, environment variables, web identity tokens, profile, ECS, EC2" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
An upcoming release of the **AWS SDK for Kotlin** will change the order of | ||
credentials resolution for the [default credentials provider chain](https://docs.aws.amazon.com/sdk-for-kotlin/latest/developer-guide/credential-providers.html#default-credential-provider-chain) | ||
and the order of credentials resolution for the AWS shared config files. | ||
|
||
# Release date | ||
|
||
This feature will ship with the **v1.4.x** release on xx/xx/xxxx. | ||
|
||
# What's changing | ||
|
||
The SDK will be changing the order in which credentials are resolved when | ||
using the default credentials provider chain. The new order will be: | ||
|
||
1. System properties | ||
2. Environment variables | ||
3. Assume role with web identity token | ||
4. Shared credentials and config files (profile) | ||
5. Amazon ECS container credentials | ||
6. Amazon EC2 Instance Metadata Service | ||
|
||
The [default credentials provider chain documentation](https://docs.aws.amazon.com/sdk-for-kotlin/latest/developer-guide/credential-providers.html#default-credential-provider-chain) | ||
contains more details on each credential source. | ||
|
||
The SDK will also be changing the order in which credentials are resolved from | ||
in the shared credentials and config files. The new order will be: | ||
|
||
1. Static credentials | ||
2. Assume role with source profile OR assume role with named provider (mutually exclusive) | ||
3. Web identity token | ||
4. SSO session | ||
5. Legacy SSO | ||
6. Process | ||
|
||
# How to migrate | ||
|
||
1. Upgrade all of your AWS SDK for Kotlin dependencies to **v.1.4.x**. | ||
2. Verify that the changes to the default credentials provider chain and credentials files do not introduce any issues in your program. | ||
3. If issues arise review the new credentials resolution order and adjust your configuration as needed. | ||
|
||
# Feedback | ||
|
||
If you have any questions concerning this change, please feel free to engage | ||
with us in this discussion. If you encounter a bug with these changes, please | ||
[file an issue](https://github.com/awslabs/aws-sdk-kotlin/issues/new/choose). |