-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS session token support broken #5156
Labels
bug
Something isn't working
Comments
See #5155 (draft) for fix. |
JacobHenner
changed the title
Support for AWS session tokens broken
AWS session token support broken
Nov 2, 2023
Good catch, thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Report
Support for AWS session tokens (introduced in #2573) was inadvertently broken in 1d6d0f1, when
credentials.NewStaticCredentials(metadata.awsAuthorization.awsAccessKeyID, metadata.awsAuthorization.awsSecretAccessKey, metadata.awsAuthorization.awsSessionToken)
was replaced withcredentials.NewStaticCredentials(metadata.awsAuthorization.awsAccessKeyID, metadata.awsAuthorization.awsSecretAccessKey, "")
. This prevents AWS scalers from authenticating to AWS when session tokens are in use.Expected Behavior
AWS scalers should function as expected.
Actual Behavior
KEDA fails with the following event text:
InvalidClientTokenId: The security token included in the request is invalid. status code: 403
Steps to Reproduce the Problem
Attempt to use an AWS scaler (e.g. the SQS scaler) with AWS credentials that require session tokens, with the
awsSessionToken
field set as expected.Logs from KEDA operator
No response
KEDA Version
2.10.1
Kubernetes Version
None
Platform
Amazon Web Services
Scaler Details
AWS SQS
Anything else?
No response
The text was updated successfully, but these errors were encountered: