[JAVA-4179] Authenticate to mongo ATLAS using AWS IAM role, defined in AWS_ROLE_ARN environment variable, instead of role defined in instance metadata Created: 26/May/21 Updated: 04/May/22 Resolved: 27/May/21 |
|
| Status: | Closed |
| Project: | Java Driver |
| Component/s: | Authentication |
| Affects Version/s: | 4.3.0 |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Unknown |
| Reporter: | Stephane Kouassi | Assignee: | Unassigned |
| Resolution: | Duplicate | Votes: | 0 |
| Labels: | external-user | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
AWS EKS |
||
| Issue Links: |
|
||||||||
| Description |
|
In an application running in AWW EKS, when trying to authenticate to mongo atlas using an AWS IAM Role, the driver should try to get the temporary credentials using the role defined in the environment variable AWS_ROLE_ARN, before getting the temporary credentials using the instance metadata. This is useful when running an application in AWS EKS, where an AWS IAM Role can be defined for a specific container. In that case the mongo java driver will use this role to get the temporary credentials instead of getting the temporary credentials from the EKS worker node instance metadata. |
| Comments |
| Comment by Jeffrey Yemin [ 27/May/21 ] |
|
Thanks skouassi@regmail.west.com for finding the duplicate for us. |
| Comment by Stephane Kouassi [ 27/May/21 ] |
|
This issue can be closed as it's a duplicate of |