AWS: avoid static global credentials provider which doesn't play well with lifecycle management (#8677) (#8843)
Co-authored-by: Kristin Cowalcijk <bo@wherobots.com>
diff --git a/aws/src/main/java/org/apache/iceberg/aws/AwsClientFactories.java b/aws/src/main/java/org/apache/iceberg/aws/AwsClientFactories.java
index 1ec9822..501c7ca 100644
--- a/aws/src/main/java/org/apache/iceberg/aws/AwsClientFactories.java
+++ b/aws/src/main/java/org/apache/iceberg/aws/AwsClientFactories.java
@@ -226,7 +226,8 @@
AwsSessionCredentials.create(accessKeyId, secretAccessKey, sessionToken));
}
} else {
- return DefaultCredentialsProvider.create();
+ // Create a new credential provider for each client
+ return DefaultCredentialsProvider.builder().build();
}
}
}
diff --git a/aws/src/main/java/org/apache/iceberg/aws/AwsClientProperties.java b/aws/src/main/java/org/apache/iceberg/aws/AwsClientProperties.java
index d85764c..1d03a0a 100644
--- a/aws/src/main/java/org/apache/iceberg/aws/AwsClientProperties.java
+++ b/aws/src/main/java/org/apache/iceberg/aws/AwsClientProperties.java
@@ -150,7 +150,8 @@
return credentialsProvider(this.clientCredentialsProvider);
}
- return DefaultCredentialsProvider.create();
+ // Create a new credential provider for each client
+ return DefaultCredentialsProvider.builder().build();
}
private AwsCredentialsProvider credentialsProvider(String credentialsProviderClass) {
diff --git a/aws/src/main/java/org/apache/iceberg/aws/AwsProperties.java b/aws/src/main/java/org/apache/iceberg/aws/AwsProperties.java
index 7bc2ba7..849445f 100644
--- a/aws/src/main/java/org/apache/iceberg/aws/AwsProperties.java
+++ b/aws/src/main/java/org/apache/iceberg/aws/AwsProperties.java
@@ -485,7 +485,8 @@
return credentialsProvider(this.clientCredentialsProvider);
}
- return DefaultCredentialsProvider.create();
+ // Create a new credential provider for each client
+ return DefaultCredentialsProvider.builder().build();
}
private AwsCredentialsProvider credentialsProvider(String credentialsProviderClass) {
diff --git a/aws/src/test/java/org/apache/iceberg/aws/AwsClientPropertiesTest.java b/aws/src/test/java/org/apache/iceberg/aws/AwsClientPropertiesTest.java
index b763def..7f57fbc 100644
--- a/aws/src/test/java/org/apache/iceberg/aws/AwsClientPropertiesTest.java
+++ b/aws/src/test/java/org/apache/iceberg/aws/AwsClientPropertiesTest.java
@@ -62,6 +62,19 @@
}
@Test
+ public void testCreatesNewInstanceOfDefaultCredentialsConfiguration() {
+ AwsClientProperties awsClientProperties = new AwsClientProperties();
+ AwsCredentialsProvider credentialsProvider =
+ awsClientProperties.credentialsProvider(null, null, null);
+ AwsCredentialsProvider credentialsProvider2 =
+ awsClientProperties.credentialsProvider(null, null, null);
+
+ Assertions.assertThat(credentialsProvider)
+ .withFailMessage("Should create a new instance in each call")
+ .isNotSameAs(credentialsProvider2);
+ }
+
+ @Test
public void testBasicCredentialsConfiguration() {
AwsClientProperties awsClientProperties = new AwsClientProperties();
// set access key id and secret access key