[JAVA-4604] Obtain AWS credentials for CSFLE in the same way as for MONGODB-AWS Created: 05/May/22  Updated: 31/Dec/22  Resolved: 17/Aug/22

Status: Closed
Project: Java Driver
Component/s: Client Side Encryption
Affects Version/s: None
Fix Version/s: None

Type: New Feature Priority: Major - P3
Reporter: PM Bot Assignee: Jeffrey Yemin
Resolution: Duplicate Votes: 0
Labels: QP-priority
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Issue split
split from DRIVERS-2280 Obtain AWS credentials for CSFLE in t... Closed
Related
related to JAVA-4499 Obtain AWS credentials for CSFLE in t... Closed
Quarter: FY23Q3
Upstream Changes Summary:

DRIVERS-2280:

  • Call mongocrypt_setopt_use_need_kms_credentials_state to opt in to handling the new MONGOCRYPT_CTX_NEED_KMS_CREDENTIALS state.
  • Handle the new MONGOCRYPT_CTX_NEED_KMS_CREDENTIALS state. If the originally configured KMS providers have an empty aws: {}, attempt to obtain AWS credentials following the logic of Obtaining Credentials (excluding the URI section). Pass the new credentials back with mongocrypt_ctx_provide_kms_providers.
  • A new CSFLE prose test is introduced in 5cf3ed7.

Please see the C driver implementation as a reference. Note: the C driver also supports a user-provided callback for KMS providers. That is not in scope of DRIVERS-2280.

Documentation Changes: Not Needed

 Description   

This ticket was split from DRIVERS-2280, please see that ticket for a detailed description.



 Comments   
Comment by Jeffrey Yemin [ 27/Jul/22 ]

This work was already done in scope of JAVA-4499 but we should still check to see if it's compliant with the spec and if there are any spec tests to implement.

Generated at Thu Feb 08 09:02:30 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.