Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Adding proxy support for AWS components working with Web Identity Tokens

See original GitHub issue

I try to use Camel AWS S3 with Web Identity Token on Quarkus 2.0.2-Final. I also included AWS STS in the classpath. For local development I need to work with a proxy.

It seems that the proxy settings are taken into account for S3, but are not working for the STS connectivity. The Quarkus start-up finally crashes with a timeout exception:

Unable to execute HTTP request: Connect to sts.eu-central-1.amazonaws.com:443 [sts.eu-central-1.amazonaws.com/54.239.54.197] failed: connect timed out

I used the following setup:

Route:

from(aws2S3("{{bucketName}}"))
    .log("body received: ${body}");

application.properties

# S3 Component
bucketName=my-bucket
camel.component.aws2-s3.region=eu-central-1
camel.component.aws2-s3.useDefaultCredentialsProvider=true
camel.component.aws2-s3.deleteAfterRead=false
camel.component.aws2-s3.prefix=file/path/
%dev.camel.component.aws2-s3.proxyHost=localhost
%dev.camel.component.aws2-s3.proxyPort=3100
%dev.camel.component.aws2-s3.proxyProtocol=http

It would be nice if the proxy support could be added (to STS?) for this use case.

Issue Analytics

State:
Created 2 years ago
Comments:10 (10 by maintainers)

Top GitHub Comments

1reaction

tstubercommented, Jul 22, 2021

I just realized that I could use the system properties (see: https://github.com/aws/aws-sdk-java-v2/issues/751#issuecomment-429384558). And that works. Its actually simple and clean that way.

My code looks now like:

        from(aws2S3("{{bucketName}}").delay(5000L))
                .log("body received: ${body}");

# S3 Component
bucketName=my-bucket
camel.component.aws2-s3.region=eu-central-1
camel.component.aws2-s3.useDefaultCredentialsProvider=true
camel.component.aws2-s3.deleteAfterRead=false
camel.component.aws2-s3.fileName=my/path/key

And I start the project locally with ./mvnw clean compile quarkus:dev -Dhttp.proxyHost=localhost -Dhttp.proxyPort=3100-Dhttp.proxyScheme=http

1reaction

ppalagacommented, Jul 22, 2021

That’s a hammer-and-nails workaround and I am all for allowing to set the proxy in a more user friendly way

Top Results From Across the Web

AssumeRoleWithWebIdentity - AWS Security Token Service

Returns a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity...

AssumeRoleWithWebIdentityCo...

Returns a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity...

Authenticate users using an Application Load Balancer

Learn how to configure an Application Load Balancer to authenticate users of your applications using their corporate or social identities before routing ...

Enriching Amazon Cognito features with an Amazon API ...

Solution overview · Configure the client application (mobile or web client) to use the API Gateway endpoint as a proxy to an Amazon...

assume-role-with-web-identity — AWS CLI 1.27.30 Command ...

The role that your application assumes must trust the identity provider that is associated with the identity token. In other words, the identity...