airflow.providers.amazong.aws.hooks.base_aws.BaseSessionFactory feeds synchronous credentials to aiobotocore when using assume_role
#32732
Labels
area:providers
good first issue
kind:bug
This is a clearly a bug
provider:amazon-aws
AWS/Amazon - related issues
Apache Airflow version
2.6.3
What happened
Hi all, I'm having a bit of a problem with aiobotocore and the deferrable AWS Batch Operator. When deferrable is off, everything works fine, but for some very long running batch jobs I wanted to try out the async option. Example DAG:
And, for reference, this is running in an EC2 instance in one account that assumes a role in another account via STS to submit the job. Again, this all works fine when deferrable=False
If deferrable=True, however, the DAG works properly until it wakes up the first time.
I've identified the cause of this error:
airflow/airflow/providers/amazon/aws/hooks/base_aws.py
Line 211 in 15d42b4
airflow/airflow/providers/amazon/aws/hooks/base_aws.py
Line 204 in 15d42b4
These should be creating
aiobotocore.credentials.AioRefreshableCredentials
andaiobotocore.credentials.AioDeferredRefreshableCredentials
, respectively. I can confirm that replacingsession._session._credentials
attribute with these fixes the above error.I'm happy to submit a PR to resolve this.
What you think should happen instead
No response
How to reproduce
Attempt to use STS-based authentication with a deferrable AWS operator (any operator) and it will produce the below error:
Operating System
AmazonLinux2
Versions of Apache Airflow Providers
No response
Deployment
Virtualenv installation
Deployment details
No response
Anything else
No response
Are you willing to submit PR?
Code of Conduct
The text was updated successfully, but these errors were encountered: