S3 ExecutionContext defaults not being set
aajtodd opened this issue · comments
Describe the bug
#1151 broke the way we generate mergeServiceDefaults
This appears to only affect S3
Expected behavior
Versions prior to 1.0.18:
private fun mergeServiceDefaults(ctx: ExecutionContext) {
ctx.putIfAbsentNotNull(AwsClientOption.Region, config.region)
ctx.putIfAbsent(SdkClientOption.ClientName, config.clientName)
ctx.putIfAbsent(SdkClientOption.LogMode, config.logMode)
ctx.putIfAbsent(AwsSigningAttributes.SigningService, "s3")
ctx.putIfAbsentNotNull(AwsSigningAttributes.SigningRegion, config.region)
ctx.putIfAbsent(AwsSigningAttributes.CredentialsProvider, config.credentialsProvider)
ctx.putIfAbsent(AwsSigningAttributes.NormalizeUriPath, false)
ctx.putIfAbsent(AwsSigningAttributes.UseDoubleUriEncode, false)
ctx.putIfAbsent(AwsSigningAttributes.SignedBodyHeader, AwsSignedBodyHeader.X_AMZ_CONTENT_SHA256)
}
Current behavior
Versions 1.0.18+
private fun mergeServiceDefaults(ctx: ExecutionContext) {
ctx.putIfAbsent(SdkClientOption.ClientName, config.clientName)
ctx.putIfAbsent(SdkClientOption.LogMode, config.logMode)
ctx.putIfAbsent(AwsSigningAttributes.NormalizeUriPath, false)
ctx.putIfAbsent(AwsSigningAttributes.UseDoubleUriEncode, false)
ctx.putIfAbsent(AwsSigningAttributes.SignedBodyHeader, AwsSignedBodyHeader.X_AMZ_CONTENT_SHA256)
}
Steps to Reproduce
This came about testing MRAP buckets and getting unexpected exception:
Exception in thread "main" java.lang.IllegalStateException: No instance for AttributeKey(aws.smithy.kotlin.signing#AwsSigningRegion)
This should never happen since SigningRegion
should always be set in the default execution context if a non-null region
is configured.
Possible Solution
No response
Context
No response
AWS Kotlin SDK version used
1.0.25
Platform (JVM/JS/Native)
JVM
Operating System and version
N/A
The reason this doesn't affect most S3 requests is that it's auth scheme resolver relies on the endpoint resolver which sets a signing region in the auth scheme attributes which ultimately get merged into the signing request.
(endpoint parameters have access to region
from both the service client config and/or bucket ARN)
return Endpoint(
Url.parse("https://${accessPointName}-${bucketArn?.accountId}.${outpostId}.s3-outposts.${bucketArn?.region}.${bucketPartition?.dnsSuffix}"),
attributes = attributesOf {
SigningContextAttributeKey to listOf(
sigV4(
serviceName = "s3-outposts",
disableDoubleUriEncode = true,
signingRegion = "${bucketArn?.region}",
),
)
},
)
}
For mrap/sigv4a requests this fails because it sets signingRegionSet
and not signingRegion
:
return Endpoint(
Url.parse("https://${accessPointName}.accesspoint.s3-global.${mrapPartition?.dnsSuffix}"),
attributes = attributesOf {
SigningContextAttributeKey to listOf(
sigV4A(
serviceName = "s3",
disableDoubleUriEncode = true,
signingRegionSet = listOf(
"*",
),
),
)
},
)
}
⚠️ COMMENT VISIBILITY WARNING⚠️
Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.