Uploaded image for project: 'Drivers'
  1. Drivers
  2. DRIVERS-2903

Allow users to provide custom AWS configuration

XMLWordPrintableJSON

    • Type: Icon: New Feature New Feature
    • Resolution: Unresolved
    • Priority: Icon: Unknown Unknown
    • None
    • Component/s: Authentication
    • None
    • Needed
    • Hide

      Summary of necessary driver changes

      • For drivers that want to implement this, update the AWS auth prose tests and FLE prose tests to adhere to the changes in https://github.com/mongodb/specifications/commit/57435ebd7aa3a38f1403054bb70ce8e7304345b5
      • Allow users to provide for AWS authentication in the driver an AWS_CREDENTIAL_PROVIDER auth mechanism property that complies with the languages AWS SDK interface.
      • Allow for users to provide a custom credentialProviders option for KMS requests in both ClientEncryption options and AutoEncryption options that respects the requirements in the linked commit above.

      Commits for syncing spec/prose tests
      (and/or refer to an existing language POC if needed)

      Context for other referenced/linked tickets

      •  
      Show
      Summary of necessary driver changes For drivers that want to implement this, update the AWS auth prose tests and FLE prose tests to adhere to the changes in https://github.com/mongodb/specifications/commit/57435ebd7aa3a38f1403054bb70ce8e7304345b5 Allow users to provide for AWS authentication in the driver an AWS_CREDENTIAL_PROVIDER auth mechanism property that complies with the languages AWS SDK interface. Allow for users to provide a custom credentialProviders option for KMS requests in both ClientEncryption options and AutoEncryption options that respects the requirements in the linked commit above. Commits for syncing spec/prose tests (and/or refer to an existing language POC if needed) https://github.com/mongodb/specifications/commit/57435ebd7aa3a38f1403054bb70ce8e7304345b5 Context for other referenced/linked tickets  
    • $i18n.getText("admin.common.words.hide")
      Key Status/Resolution FixVersion
      NODE-6141 Fixed 6.15.0
      CDRIVER-5851 Backlog
      CXX-3205 Backlog
      CSHARP-5457 Backlog
      GODRIVER-3454 Needs Triage
      JAVA-5759 Backlog
      MOTOR-1419 Duplicate
      PYTHON-5034 Backlog
      PHPLIB-1604 Needs Triage
      RUBY-3606 Won't Fix
      RUST-2133 Needs Triage
      $i18n.getText("admin.common.words.show")
      #scriptField, #scriptField *{ border: 1px solid black; } #scriptField{ border-collapse: collapse; } #scriptField td { text-align: center; /* Center-align text in table cells */ } #scriptField td.key { text-align: left; /* Left-align text in the Key column */ } #scriptField a { text-decoration: none; /* Remove underlines from links */ border: none; /* Remove border from links */ } /* Add green background color to cells with FixVersion */ #scriptField td.hasFixVersion { background-color: #00FF00; /* Green color code */ } #scriptField td.willNotDo { background-color: #FF0000; /* Red color code */ } /* Center-align the first row headers */ #scriptField th { text-align: center; } Key Status/Resolution FixVersion NODE-6141 Fixed 6.15.0 CDRIVER-5851 Backlog CXX-3205 Backlog CSHARP-5457 Backlog GODRIVER-3454 Needs Triage JAVA-5759 Backlog MOTOR-1419 Duplicate PYTHON-5034 Backlog PHPLIB-1604 Needs Triage RUBY-3606 Won't Fix RUST-2133 Needs Triage

      Summary

      Users cannot provide custom AWS configuration. Namely, this affects the Node Driver in that it does not support AWS IAM Role Assumption. As a result, users need to implement custom expiry and reconnection logic when their STS session expires.

      Motivation

      Who is the affected end user?

      Who are the stakeholders?

      How does this affect the end user?

      users need to implement custom expiry and reconnection logic when their STS session expires.

      How likely is it that this problem or use case will occur?

      Likely. In the Node Driver, users often ask for different AWS configurations.

      If the problem does occur, what are the consequences and how severe are they?

      Annoyance for user.

      Is this issue urgent?

      No.

      Is this ticket required by a downstream team?

      No.

      Is this ticket only for tests?

      No.

      Acceptance Criteria

      Allow users to provide their own configuration function.

            Assignee:
            durran.jordan@mongodb.com Durran Jordan
            Reporter:
            aditi.khare@mongodb.com Aditi Khare (Inactive)
            Steve Silvester Steve Silvester
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: