Way to specify aws.accessKeyId, aws.secretKey via application_<profilename>.properties

[typekpb]

Type: Feature

Component:

Parameter Store

Is your feature request related to a problem? Please describe.
I'm using java 11 => stick to 2.x version.

Based on official docs, following are the ways to provide credentials:
https://cloud.spring.io/spring-cloud-static/spring-cloud-aws/2.2.0.M2/reference/html/#_sdk_credentials_configuration

• use the environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
• use the system properties aws.accessKeyId and aws.secretKey
• use the user specific profile credentials file
• use ECS credentials if the AWS_CONTAINER_CREDENTIALS_RELATIVE_URI environment variable is set
• use the instance profile credentials (see below)

As I'm running with localstack => accessKeyId and secretAccessKey vals are irrelevant, still I'm forced to provide any value, otherwise the

Describe the solution you'd like
For the local run profile, I'd like to use application_<profilename>.properties to provide credentials. Currently whatever properties I tried didn't work, e.g.:

cloud.aws.credentials.accessKey=test
cloud.aws.credentials.secretKey=test

(referred in the docs: https://cloud.spring.io/spring-cloud-static/spring-cloud-aws/2.2.0.M2/reference/html/#_configuring_credentials) are ignored.

And result is:

com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain: [EnvironmentVariableCredentialsProvider: Unable to load AWS credentials from environment variables (AWS_ACCESS_KEY_ID (or AWS_ACCESS_KEY) and AWS_SECRET_KEY (or AWS_SECRET_ACCESS_KEY)), SystemPropertiesCredentialsProvider: Unable to load AWS credentials from Java system properties (aws.accessKeyId and aws.secretKey), WebIdentityTokenCredentialsProvider: To use assume role profiles the aws-java-sdk-sts module must be on the class path., com.amazonaws.auth.profile.ProfileCredentialsProvider@20de05e5: Unable to load credentials into profile [default]: AWS Access Key ID is not specified., com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper@3f685162: Failed to connect to service endpoint: ]

Describe alternatives you've considered
I'd love to see what keys in the application_<profilename>.properties are about to be used, to be later propagated to authorization call.

My current workaround is to set the system properties very early manually:

@Order(HIGHEST_PRECEDENCE)
public class AwsLocalConfiguration implements ApplicationListener<ApplicationEnvironmentPreparedEvent> {
    @Override
    public void onApplicationEvent(ApplicationEnvironmentPreparedEvent event) {
        System.setProperty("aws.accessKeyId", "test");
        System.setProperty("aws.secretKey", "test");
    }
}

META-INF/spring.factories:

org.springframework.context.ApplicationListener=\
 AwsLocalConfiguration

Which doesn't however sound right.

[maciejwalkowiak]

Parameter Store and Secrets Manager integrations cannot be customized in the same way as other integrations because they are created in the bootstrap phase. Take a look at this issue to see how this can be done: #205

[typekpb]

@maciejwalkowiak thanks for the hint
Would you mind providing sample for ParameterStore case? I'm not able to figure the proper val for line:

registry.register(???.class, context -> {

what seems the most probable option for the class, is: AwsParamStoreProperties, that seems not to hold any props like: accessKeyId or secretAccessKey .

[nbrugger-tgm]

Is there a solution to this?