Github user tzulitai commented on the issue:
https://github.com/apache/flink/pull/2914
I've tested the `AUTO` config behaviour, and it works as expected in EMR /
EC2 environments, so the Kinesis API part should be working fine.
Let me summarize the new behaviour after the proposed changes (@tony810430
please correct me if I've got anything wrong):
- If no credential provider type is provided, `AUTO` is used.
- If the user has provided `AWS_SECRET_ACCESS_KEY` and `AWS_ACCESS_KEY_ID`,
regardless of the credential provider type provided (i.e. even if it's set to
`AUTO` / `SYS_PROPS` etc.), the `BASIC` type will be used.
The second behaviour seems a little odd to me; in general, I think the
`AWS_CREDENTIALS_PROVIDER` setting should have higher precedence.
Also, logic between `validateAwsConfiguration` and
`AWSUtils.getCredentialsProvider()` seems a bit too "coupled" now with the
proposed changes. I think we should probably fallback the value of
`AWS_CREDENTIALS_PROVIDER` for the user in `validateAwsConfiguration`. What I
have in mind for `validateAwsConfiguration`:
- if the user hasn't set any value for `AWS_CREDENTIALS_PROVIDER`, we set
it for them - if access key and secret access key exists, set `BASIC`,
otherwise just use `AUTO` (the default).
- if the user has a value for `AWS_CREDENTIALS_PROVIDER`, just leave it as
is.
In `AWS_CREDENTIALS_PROVIDER`, we can then just start of by reading the
`AWS_CREDENTIALS_PROVIDER` property and instantiate credentials accordingly.
@tony810430 what do you think?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
