<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:38:08 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[GODRIVER-2241] AWS credential refreshing</title>
                <link>https://jira.mongodb.org/browse/GODRIVER-2241</link>
                <project id="14289" key="GODRIVER">Go Driver</project>
                    <description>&lt;p&gt;&lt;b&gt;Background &amp;amp; Motivation&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;The Driver Authentication specification describes four ways of &lt;a href=&quot;https://github.com/mongodb/specifications/blob/master/source/auth/auth.rst#obtaining-credentials&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;obtaining credentials&lt;/a&gt; for the MONGODB-AWS authentication mechanism.&lt;/p&gt;

&lt;p&gt;1. From the URI username, password, and options.&lt;br/&gt;
2. From environment variables.&lt;br/&gt;
3. From querying an endpoint for credentials in ECS.&lt;br/&gt;
4. From querying an endpoint for credentials in EC2.&lt;/p&gt;

&lt;p&gt;This is a request to implement an equivalent API as &lt;a href=&quot;https://jira.mongodb.org/browse/JAVA-4310&quot; title=&quot;AWS credential refreshing&quot; class=&quot;issue-link&quot; data-issue-key=&quot;JAVA-4310&quot;&gt;&lt;del&gt;JAVA-4310&lt;/del&gt;&lt;/a&gt;. &lt;a href=&quot;https://jira.mongodb.org/browse/JAVA-4310&quot; title=&quot;AWS credential refreshing&quot; class=&quot;issue-link&quot; data-issue-key=&quot;JAVA-4310&quot;&gt;&lt;del&gt;JAVA-4310&lt;/del&gt;&lt;/a&gt; is currently marked as beta API.&lt;/p&gt;

&lt;p&gt;The original motivation for this feature request is to enable a way to cache credentials. In (3) and (4) the endpoint is queried each time a connection handshake results in authentication. This can result in hitting &lt;/p&gt;

&lt;p&gt;There are other motivations. The AWS session token set in (1) or (2) may be temporary and can expire. A callback enables passing and refreshing credentials in environments like EKS with assigned IAM roles.&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Scope&lt;/b&gt;&lt;/p&gt;
&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Add client option callback to supply AWS credentials on each authentication attempt.&lt;/li&gt;
	&lt;li&gt;Add client option as unstable API.&lt;/li&gt;
&lt;/ul&gt;
</description>
                <environment></environment>
        <key id="1931287">GODRIVER-2241</key>
            <summary>AWS credential refreshing</summary>
                <type id="2" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14711&amp;avatarType=issuetype">New Feature</type>
                                            <priority id="10300" iconUrl="https://jira.mongodb.org/images/icons/priorities/medium.svg">Unknown</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="2">Won&apos;t Fix</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="kevin.albertson@mongodb.com">Kevin Albertson</reporter>
                        <labels>
                    </labels>
                <created>Mon, 22 Nov 2021 18:44:17 +0000</created>
                <updated>Mon, 3 Oct 2022 19:49:36 +0000</updated>
                            <resolved>Mon, 3 Oct 2022 19:49:36 +0000</resolved>
                                                                                        <votes>1</votes>
                                    <watches>10</watches>
                                                                                                                <comments>
                            <comment id="4874297" author="kevin.albertson" created="Mon, 3 Oct 2022 19:49:36 +0000"  >&lt;p&gt;Per &lt;a href=&quot;https://jira.mongodb.org/browse/DRIVERS-2011?focusedCommentId=4859543&amp;amp;page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-4859543&quot; class=&quot;external-link&quot; rel=&quot;nofollow&quot;&gt;https://jira.mongodb.org/browse/DRIVERS-2011?focusedCommentId=4859543&amp;amp;page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-4859543&lt;/a&gt;&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;We prioritized &lt;a href=&quot;https://jira.mongodb.org/browse/DRIVERS-2333&quot; title=&quot;Cache AWS Credentials Where Possible&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DRIVERS-2333&quot;&gt;&lt;del&gt;DRIVERS-2333&lt;/del&gt;&lt;/a&gt; to handle the rate-limiting case and &lt;a href=&quot;https://jira.mongodb.org/browse/DRIVERS-1746&quot; title=&quot;Add native support for AWS IAM Roles for service accounts, EKS in particular&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DRIVERS-1746&quot;&gt;&lt;del&gt;DRIVERS-1746&lt;/del&gt;&lt;/a&gt; to handle IAM roles for service accounts.&lt;/p&gt;&lt;/blockquote&gt;</comment>
                            <comment id="4426523" author="kevin.albertson" created="Tue, 22 Mar 2022 13:46:32 +0000"  >&lt;p&gt;We are targeting early June, 2022 however this date may change.&lt;/p&gt;</comment>
                            <comment id="4424627" author="JIRAUSER1260950" created="Mon, 21 Mar 2022 17:51:02 +0000"  >&lt;p&gt;Hi, we have currently blocker for this to rollout AWS Based authentication to production. Is there any update or ETA when this will available in Go Driver?&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;And also it would be great if the MongoDB documentation is updated with this is limitation. currently Document doesn&apos;t mention anything about this.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                        <issuelink>
            <issuekey id="1953998">DRIVERS-2011</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="1820962">GODRIVER-2081</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                    <customfield id="customfield_13552" key="com.go2group.jira.plugin.crm:crm_generic_field">
                        <customfieldname>Case</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[[5006R00001mfKaRQAU]]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hzunk7:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>