Merge pull request #107 from OlegBoulanov/develop

Minor role names comparison fix
OlegBoulanov · Sep 30, 2022 · 2fa1aca · 2fa1aca
2 parents 1d59548 + b9b8df4
commit 2fa1aca
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/s3iLib/AmazonAccount.cs b/s3iLib/AmazonAccount.cs
@@ -6,6 +6,7 @@
 using System.Threading.Tasks;
 using System.Diagnostics.Contracts;
 
+using Amazon;
 using Amazon.Runtime;
 using Amazon.Runtime.CredentialManagement;
 using Amazon.S3;
@@ -34,7 +35,9 @@ public static class AmazonAccount
             {
                 // not running on EC2
             }
-            return string.IsNullOrWhiteSpace(instanceRoleName) || !profile.Options.RoleArn.EndsWith(instanceRoleName)
+            var parts = profile.Options.RoleArn.Split('/');     // arn:aws:iam::1234567890:role/name
+            var roleName = 2 == parts.Length ? parts[1] : "";   // never null
+            return string.IsNullOrWhiteSpace(instanceRoleName) || !roleName.Equals(instanceRoleName)
                 ? profile.GetAWSCredentials(profile.CredentialProfileStore) // follow standard chain: https://docs.aws.amazon.com/sdk-for-net/v3/developer-guide/creds-assign.html
                 : new InstanceProfileAWSCredentials(instanceRoleName);      // use instance refreshed credentials directly (not assuming any roles)
         });