Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Issue 631/Support for STS regional endpoint config #636

Conversation

joakibo
Copy link

@joakibo joakibo commented Jun 26, 2023

Attempts to fix #631 . No testing done, needs input from R experts on the general strategy and placement of code.

  • Remove hardcoded region for STS service when used in backend
  • Add functions in config.R which will check the STS Regional Endpoints envvar + config file
  • Dynamic endpoints list for the STS service, metadata endpoints is updated when STS client is initiated

@joakibo joakibo changed the title Issue 631/Ssupport for sts regional endpoint config Issue 631/Support for STS regional endpoint config Jun 26, 2023
@@ -311,7 +311,7 @@ get_creds_from_sts_resp <- function(resp) {
# `mfa_serial`, and the user will be prompted interactively to provide the
# current MFA token code.
get_assumed_role_creds <- function(role_arn, role_session_name, mfa_serial, creds) {
svc <- sts(config = list(credentials = list(creds = creds), region = "us-east-1"))
svc <- sts(config = list(credentials = list(creds = creds)))
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Possibly need something more here, in case users are setting region in the client configs, then how to get it in here. It's not good to hardcode at least, so need a different solution.


.get_sts_endpoints <- function(profile = "") {

sts_regional_endpoint <- get_sts_regional_endpoint(profile)
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will this function from client.R be available in this context?

@@ -102,6 +102,7 @@ NULL
#' @rdname sts
#' @export
sts <- function(config = list()) {
.sts$metadata$endpoints <- .get_sts_endpoints(config$profile)
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This felt a little dirty, but since endpoints is dependent on profile this seemed like the natural way to do it.

@DyfanJones
Copy link
Member

I think I am understanding this issue a little better, I believe we need to create custom_sts.R script similar to https://github.com/paws-r/paws/blob/main/paws.common/R/custom_s3.R so that only sts methods are affect. Will have a better look at this tomorrow :)

@joakibo
Copy link
Author

joakibo commented Jun 26, 2023

Sounds good, thanks. Having it in this custom script makes sense. I don’t have a good understanding of the code base, easier for you to deduce where things should go 👍

Changes outlined here should at least be sufficient as I see it.

@DyfanJones
Copy link
Member

@joakibo I believe we are in a good place with this. Will need to create some unit tests to fully test out the functionality. But I think it is nearly done. Please feel free to test it out and let me know

@codecov
Copy link

codecov bot commented Jun 27, 2023

Codecov Report

Patch coverage has no change and project coverage change: -0.34 ⚠️

Comparison is base (2aabd00) 84.07% compared to head (690625c) 83.73%.

❗ Current head 690625c differs from pull request most recent head f5ef96d. Consider uploading reports for the commit f5ef96d to get more accurate results

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #636      +/-   ##
==========================================
- Coverage   84.07%   83.73%   -0.34%     
==========================================
  Files          63       63              
  Lines        4214     4305      +91     
==========================================
+ Hits         3543     3605      +62     
- Misses        671      700      +29     

see 126 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@DyfanJones DyfanJones merged commit c3cf3f5 into paws-r:main Jun 28, 2023
@joakibo
Copy link
Author

joakibo commented Jun 29, 2023

Thanks a lot @DyfanJones, looking forward to apply this fix on our side. Sorry for not being able to test this and assist more.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

sts endpoint - respect sts_regional_endpoints = regional or AWS_STS_REGIONAL_ENDPOINTS
2 participants