<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:23:21 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DRIVERS-1405] For MONGODB-AWS, follow AWS-SDK conventions for resolving credentials</title>
                <link>https://jira.mongodb.org/browse/DRIVERS-1405</link>
                <project id="10980" key="DRIVERS">Drivers</project>
                    <description>&lt;p&gt;&lt;a href=&quot;https://github.com/mongodb/specifications/blob/master/source/auth/auth.rst#id60&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;Per the current spec&lt;/a&gt;, MongoDB drivers currently resolve AWS credentials in the following order:&lt;/p&gt;
&lt;blockquote&gt;&lt;p&gt;The order in which Drivers MUST search for credentials is:&lt;/p&gt;
&lt;ol&gt;
	&lt;li&gt;Credentials passed through the URI&lt;/li&gt;
	&lt;li&gt;Environment variables&lt;/li&gt;
	&lt;li&gt;ECS endpoint if and only if AWS_CONTAINER_CREDENTIALS_RELATIVE_URI is set.&lt;/li&gt;
	&lt;li&gt;EC2 endpoint&lt;/li&gt;
&lt;/ol&gt;
&lt;/blockquote&gt;
&lt;p&gt;This flow is a slight deviation from how the AWS-SDK resolves credentials, which is roughly as follows:&lt;/p&gt;
&lt;ol&gt;
	&lt;li&gt;Environment variables&lt;/li&gt;
	&lt;li&gt;The default credential profiles file&#8211; typically located at ~/.aws/credentials (location can vary per platform), and shared by many of the AWS SDKs and by the AWS CLI.&lt;/li&gt;
	&lt;li&gt;ECS endpoint if the environment variable AWS_CONTAINER_CREDENTIALS_RELATIVE_URI is set.&#160;&lt;/li&gt;
	&lt;li&gt;EC2 endpoint&lt;/li&gt;
&lt;/ol&gt;


&lt;p&gt;Because most AWS tooling that includes the AWS SDK follows this resolution, it was &lt;a href=&quot;https://en.wikipedia.org/wiki/Principle_of_least_astonishment&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;surprising&lt;/a&gt; to learn&#160;that ~/.aws/config was not supported. &lt;/p&gt;

&lt;p&gt;As a frequent user of AWS services, I have many different named profiles within my AWS configuration that allows me to switch context when authenticating. Using a named profile also allows me to &lt;a href=&quot;https://docs.aws.amazon.com/cli/latest/topic/config-vars.html#sourcing-credentials-from-external-processes&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;instrument custom process for obtaining credentials&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;Because I could not use the ~/.aws/config file, I wrote a small Python3 library/CLI tool to fill that gap: &lt;a href=&quot;https://mongodb-iam-connection-string.readthedocs.io/en/latest/readme.html&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://mongodb-iam-connection-string.readthedocs.io/en/latest/readme.html&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;I think it would be beneficial to have drivers implement the same credential resolution chain to avoid incompatibility with usage that includes the ~/.aws/config file.&lt;/p&gt;</description>
                <environment></environment>
        <key id="1496477">DRIVERS-1405</key>
            <summary>For MONGODB-AWS, follow AWS-SDK conventions for resolving credentials</summary>
                <type id="2" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14711&amp;avatarType=issuetype">New Feature</type>
                                            <priority id="5" iconUrl="https://jira.mongodb.org/images/icons/priorities/trivial.svg">Trivial - P5</priority>
                        <status id="10038" iconUrl="https://jira.mongodb.org/images/icons/subtask.gif" description="">Backlog</status>
                    <statusCategory id="2" key="new" colorName="default"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="darren.gruber@mongodb.com">Darren Gruber</reporter>
                        <labels>
                    </labels>
                <created>Wed, 30 Sep 2020 19:28:39 +0000</created>
                <updated>Mon, 13 Nov 2023 19:50:43 +0000</updated>
                                                                <component>Authentication</component>
                                        <votes>3</votes>
                                    <watches>11</watches>
                                                                                                                    <issuelinks>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                        <issuelink>
            <issuekey id="2160755">DRIVERS-2475</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is related to">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                            <customfield id="customfield_13552" key="com.go2group.jira.plugin.crm:crm_generic_field">
                        <customfieldname>Case</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[[5002K00000uEycQQAS, 5006R00001xiYO1QAM]]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_10951" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Driver Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10748"><![CDATA[Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hxw0cv:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        </customfields>
    </item>
</channel>
</rss>