chore(credential-provider-node): emit warning when AWS_PROFILE is set alongside ENV credentials #6277
if (!multipleCredentialSourceWarningEmitted) { | ||
const warnFn = | ||
init.logger?.warn && init.logger?.constructor?.name !== "NoOpLogger" ? init.logger.warn : console.warn; | ||
warnFn( |
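Review bot: The `warnFn` assignment takes `init.logger.warn` off the logger as a detached function, so a logger whose `warn` method relies on `this` will misbehave or throw when `warnFn(` is called; binding it (`init.logger.warn.bind(init.logger)`) or calling `init.logger.warn(...)` directly avoids that. The `init.logger?.constructor?.name !== "NoOpLogger"` test also depends on a class-name string: if a bundler or minifier renames the class, the comparison passes, the no-op logger's `warn` is selected, and the warning is silently dropped. An identity check or an explicit marker on the no-op logger would be more robust.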
This warning is emitted here in the default provider chain rather than in the fromEnv provider function.
The reason for this is because when using the fromEnv provider in isolation, it doesn't matter if the AWS_PROFILE is set or not.
Example warning:
@aws-sdk/credential-provider-node - defaultProvider::fromEnv WARNING:
Multiple credential sources detected:
Both AWS_PROFILE and the pair AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY static credentials are set.
This SDK will proceed with the AWS_PROFILE value.
However, a future version may change this behavior to prefer the ENV static credentials.
Please ensure that your environment only sets either the AWS_PROFILE or the
AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY pair.
@kuhe I believe this has introduced a regression.
I am currently working on a script to reproduce for you. This was observed on an ec2 instance after running
Issue
#2549
Description
Emit a warning when the environment sets AWS_PROFILE in addition to the pair AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY.
We should be resolving the credential pair based on AWS SDK JSv2, AWS CLI, and documentation, but the current implementation prefers AWS_PROFILE.
Because this has been released for a very long time, we should set a warning instead of directly switching over to preferring the credential pair.
We could determine a specific date later on which to change the behavior over to preferring the credential pair.
Testing
manual, integ, unit
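
The ambiguous environment this PR warns about can also be caught before any client is constructed. The following preflight check is an added example, not part of the PR or the SDK; the function names are hypothetical, the sample environments are constructed, and empty-string variables are treated as unset (an assumption).

```javascript
// Added example: preflight audit for conflicting AWS credential sources.
// Hypothetical helper names; this does not call the AWS SDK.

// Assumption: an empty string counts as "not set".
const isSet = (env, name) => typeof env[name] === "string" && env[name].length > 0;

function auditCredentialEnv(env) {
  const profile = isSet(env, "AWS_PROFILE");
  const keyId = isSet(env, "AWS_ACCESS_KEY_ID");
  const secret = isSet(env, "AWS_SECRET_ACCESS_KEY");
  const conflict = profile && keyId && secret;
  const partialPair = keyId !== secret; // only one half of the pair is present
  const findings = [];
  if (conflict) {
    // Per the PR description: this SDK proceeds with AWS_PROFILE, while
    // JS SDK v2 and the AWS CLI resolve the static pair.
    findings.push(
      "AWS_PROFILE and AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY are both set; " +
        "tools may resolve different identities"
    );
  }
  if (partialPair) {
    findings.push("only one of AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY is set");
  }
  return { conflict, partialPair, findings };
}

// Fail closed on the conflict. Only variable names are reported, never values.
function assertUnambiguousCredentials(env = process.env) {
  const result = auditCredentialEnv(env);
  if (result.conflict) {
    throw new Error(`Ambiguous AWS credential sources: ${result.findings.join("; ")}`);
  }
  return result;
}

// Constructed sample environments (placeholder values, not real credentials).
const SAMPLE_BOTH = {
  AWS_PROFILE: "example-profile",
  AWS_ACCESS_KEY_ID: "EXAMPLE_KEY_ID",
  AWS_SECRET_ACCESS_KEY: "EXAMPLE_SECRET",
};
const SAMPLE_HALF = { AWS_PROFILE: "example-profile", AWS_ACCESS_KEY_ID: "EXAMPLE_KEY_ID" };
```

Calling `assertUnambiguousCredentials()` at process start in CI or deployment jobs turns the SDK's warning into a hard failure.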