From c2939e63ec5f7a281f373d8db2783b18a184faf3 Mon Sep 17 00:00:00 2001
From: cjyclaire <chejingy@amazon.com>
Date: Tue, 20 Jun 2017 15:07:29 -0700
Subject: [PATCH] [Version 2] Fix AWS_PROFILE order in default credential chain
 (#1541)

---
 CHANGELOG.md                                  |  2 ++
 .../aws-sdk-core/credential_provider_chain.rb |  3 ++-
 .../aws/credential_provider_chain_spec.rb     | 20 +++++++++++++++++++
 3 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2d9c5382cbd..67a672667a5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,8 @@
 Unreleased Changes
 ------------------
 
+* Issue - Aws::CredentialProviderChain - Fetching `AWS_PROFILE` environment variable before using `default` profile.
+
 2.9.44 (2017-06-20)
 ------------------
 
diff --git a/aws-sdk-core/lib/aws-sdk-core/credential_provider_chain.rb b/aws-sdk-core/lib/aws-sdk-core/credential_provider_chain.rb
index 7298ceee1be..516e7499983 100644
--- a/aws-sdk-core/lib/aws-sdk-core/credential_provider_chain.rb
+++ b/aws-sdk-core/lib/aws-sdk-core/credential_provider_chain.rb
@@ -62,7 +62,8 @@ def shared_credentials(options)
       if options[:config]
         SharedCredentials.new(profile_name: options[:config].profile)
       else
-        SharedCredentials.new(profile_name: 'default')
+        SharedCredentials.new(
+          profile_name: ENV['AWS_PROFILE'].nil? ? 'default' : ENV['AWS_PROFILE'])
       end
     rescue Errors::NoSuchProfileError
       nil
diff --git a/aws-sdk-core/spec/aws/credential_provider_chain_spec.rb b/aws-sdk-core/spec/aws/credential_provider_chain_spec.rb
index d6c8a73c29c..0a801760554 100644
--- a/aws-sdk-core/spec/aws/credential_provider_chain_spec.rb
+++ b/aws-sdk-core/spec/aws/credential_provider_chain_spec.rb
@@ -92,6 +92,26 @@ module Aws
       expect(credentials.credentials.session_token).to eq('TOKEN_0')
     end
 
+
+    it 'hydrates profile from ENV with AWS_PROFILE when available' do
+      mock_path = File.join(
+        File.dirname(__FILE__), '..', 'fixtures', 'credentials',
+        'mock_shared_credentials')
+      path = File.join('HOME', '.aws', 'credentials')
+      allow(Dir).to receive(:home).and_return('HOME')
+      allow(File).to receive(:exist?).with(path).and_return(true)
+      allow(File).to receive(:readable?).with(path).and_return(true)
+      allow(File).to receive(:read).with(path).and_return(File.read(mock_path))
+
+      env['AWS_PROFILE'] = 'fooprofile'
+      creds = CredentialProviderChain.new.resolve
+      expect(creds.profile_name).to eq('fooprofile')
+      expect(credentials.set?).to be(true)
+      expect(credentials.credentials.access_key_id).to eq('ACCESS_KEY_1')
+      expect(credentials.credentials.secret_access_key).to eq('SECRET_KEY_1')
+      expect(credentials.credentials.session_token).to eq('TOKEN_1')
+    end
+
     it 'hydrates credentials from the instance profile service' do
       path = '/latest/meta-data/iam/security-credentials/'
       resp = <<-JSON.strip