Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: support default role assumers #2221

Merged
merged 6 commits into from
Apr 9, 2021
Merged

feat: support default role assumers #2221

merged 6 commits into from
Apr 9, 2021

Conversation

AllanZhengYP
Copy link
Contributor

Issue

Resolves #2087
Resolves #1998
Resolves #2011
Resolves #1193

Replaces #2179

Description

This change provides default role assumer for the default credentials provider that calls sts:assumeRole or sts:assumeRoleWithWebIdentity under the hood. As a result, users don't need to import STS client and supply their own role assumer(like mentioned in #1193).

These assumer is exported from STS client not the packages/ folder because it can avoid circular dependency. The credential-provider-* packages having any dependency over STS client will cause the same issue. As a result this change makes the source code comply the contract that clients/ depends on packages/; lib/ depends on packages/ and clients/.

Testing

✅ It has been manually tested with credential files containing assume role chaining
✅ It has been validate with bundler(Webpack) that tree shaking work well

Additional context

This PR is based #2179 but it doen't use dynamic import, and doen't introduce separate STS clients.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@AllanZhengYP AllanZhengYP mentioned this pull request Apr 8, 2021
Closed
@AllanZhengYP AllanZhengYP force-pushed the assume-role-automation-alternative-3 branch 2 times, most recently from 5f99930 to 0eae9ac Compare April 9, 2021 16:36
@AllanZhengYP AllanZhengYP force-pushed the assume-role-automation-alternative-3 branch from 0eae9ac to db67264 Compare April 9, 2021 19:43
trivikr
trivikr approved these changes Apr 9, 2021
View reviewed changes
Copy link
Member

@trivikr trivikr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, just one nit.

packages/middleware-sdk-sts/package.json Outdated Show resolved Hide resolved
@AllanZhengYP @trivikr
fix: address feedbacks
0eb0274 
Co-authored-by: Trivikram Kamat <[email protected]>
@AllanZhengYP AllanZhengYP merged commit ae17f4c into aws:main Apr 9, 2021
@aws-sdk-js-automation
Copy link

AWS CodeBuild CI Report

  • CodeBuild project: sdk-staging-test
  • Commit ID: 0eb0274
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

This was referenced Apr 11, 2021
Merged
Closed
Closed
@github-actions
Copy link

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 24, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@trivikr trivikr trivikr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@AllanZhengYP @aws-sdk-js-automation @trivikr