ethkatnic · ethkatnic · Sep 4, 2024 · Aug 20, 2024 · Aug 20, 2024 · Aug 20, 2024
diff --git a/amazon-kinesis-client-multilang/pom.xml b/amazon-kinesis-client-multilang/pom.xml
@@ -27,10 +27,6 @@
 
   <artifactId>amazon-kinesis-client-multilang</artifactId>
 
-  <properties>
-    <aws-java-sdk.version>1.12.668</aws-java-sdk.version>
-  </properties>
-
   <dependencies>
     <dependency>
       <groupId>software.amazon.kinesis</groupId>
@@ -43,32 +39,6 @@
       <version>${awssdk.version}</version>
     </dependency>
 
-    <dependency>
-      <groupId>com.amazonaws</groupId>
-      <artifactId>aws-java-sdk-core</artifactId>
-      <version>${aws-java-sdk.version}</version>
-      <exclusions>
-        <exclusion>
-          <groupId>com.fasterxml.jackson.core</groupId>
-          <artifactId>jackson-databind</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>com.fasterxml.jackson.dataformat</groupId>
-          <artifactId>jackson-dataformat-cbor</artifactId>
-        </exclusion>
-        <exclusion>
-          <groupId>org.apache.httpcomponents</groupId>
-          <artifactId>httpclient</artifactId>
-        </exclusion>
-      </exclusions>
-    </dependency>
-
-    <dependency>
-        <groupId>com.amazonaws</groupId>
-        <artifactId>aws-java-sdk-sts</artifactId>
-        <version>${aws-java-sdk.version}</version>
-    </dependency>
-
     <dependency>
       <groupId>org.projectlombok</groupId>
       <artifactId>lombok</artifactId>

diff --git a/...s-client-multilang/src/main/java/software/amazon/kinesis/multilang/NestedPropertyKey.java b/...s-client-multilang/src/main/java/software/amazon/kinesis/multilang/NestedPropertyKey.java
@@ -15,13 +15,14 @@
 package software.amazon.kinesis.multilang;
 
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
-import com.amazonaws.regions.Regions;
 import com.google.common.base.CaseFormat;
 import lombok.AccessLevel;
 import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
+import software.amazon.awssdk.regions.Region;
 
 /**
  * Key-Value pairs which may be nested in, and extracted from, a property value
@@ -73,8 +74,13 @@ void visit(final NestedPropertyProcessor processor, final String endpoint) {
      * @see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-regions">Available Regions</a>
      */
     ENDPOINT_REGION {
-        void visit(final NestedPropertyProcessor processor, final String region) {
-            processor.acceptEndpointRegion(Regions.fromName(region));
+        void visit(final NestedPropertyProcessor processor, final String regionName) {
+            List<Region> validRegions = Region.regions();
+            Region region = Region.of(regionName);
+            if (!validRegions.contains(region)) {
+                throw new IllegalArgumentException("Invalid region name: " + regionName);
+            }
+            processor.acceptEndpointRegion(region);
         }
     },
 

diff --git a/...nt-multilang/src/main/java/software/amazon/kinesis/multilang/NestedPropertyProcessor.java b/...nt-multilang/src/main/java/software/amazon/kinesis/multilang/NestedPropertyProcessor.java
@@ -14,7 +14,7 @@
  */
 package software.amazon.kinesis.multilang;
 
-import com.amazonaws.regions.Regions;
+import software.amazon.awssdk.regions.Region;
 
 /**
  * Defines methods to process {@link NestedPropertyKey}s.
@@ -28,7 +28,7 @@ public interface NestedPropertyProcessor {
      *      (e.g., https://sns.us-west-1.amazonaws.com, sns.us-west-1.amazonaws.com)
      * @param signingRegion the region to use for SigV4 signing of requests (e.g. us-west-1)
      *
-     * @see #acceptEndpointRegion(Regions)
+     * @see #acceptEndpointRegion(Region)
      * @see <a href="https://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/client/builder/AwsClientBuilder.EndpointConfiguration.html">
      *     AwsClientBuilder.EndpointConfiguration</a>
      */
@@ -42,7 +42,7 @@ public interface NestedPropertyProcessor {
      *
      * @see #acceptEndpoint(String, String)
      */
-    void acceptEndpointRegion(Regions region);
+    void acceptEndpointRegion(Region region);
 
     /**
      * Set the external id, an optional field to designate who can assume an IAM role.

diff --git a/...va/software/amazon/kinesis/multilang/auth/KclSTSAssumeRoleSessionCredentialsProvider.java b/...va/software/amazon/kinesis/multilang/auth/KclSTSAssumeRoleSessionCredentialsProvider.java
diff --git a/...main/java/software/amazon/kinesis/multilang/auth/KclStsAssumeRoleCredentialsProvider.java b/...main/java/software/amazon/kinesis/multilang/auth/KclStsAssumeRoleCredentialsProvider.java
@@ -0,0 +1,53 @@
+package software.amazon.kinesis.multilang.auth;
+
+import java.util.Arrays;
+
+import software.amazon.awssdk.auth.credentials.AwsCredentials;
+import software.amazon.awssdk.auth.credentials.AwsCredentialsProvider;
+import software.amazon.awssdk.regions.Region;
+import software.amazon.awssdk.services.sts.auth.StsAssumeRoleCredentialsProvider;
+import software.amazon.kinesis.multilang.NestedPropertyKey;
+import software.amazon.kinesis.multilang.NestedPropertyProcessor;
+
+public class KclStsAssumeRoleCredentialsProvider implements AwsCredentialsProvider, NestedPropertyProcessor {
+    private final String roleArn;
+    private final String roleSessionName;
+    private Region region;
+    private String serviceEndpoint;
+    private String externalId;
+
+    public KclStsAssumeRoleCredentialsProvider(String[] params) {
+        this(params[0], params[1], Arrays.copyOfRange(params, 2, params.length));
+    }
+
+    public KclStsAssumeRoleCredentialsProvider(String roleArn, String roleSessionName, String... params) {
+        this.roleArn = roleArn;
+        this.roleSessionName = roleSessionName;
+        NestedPropertyKey.parse(this, params);
+    }
+
+    @Override
+    public AwsCredentials resolveCredentials() {
+        StsAssumeRoleCredentialsProviderConfig config = new StsAssumeRoleCredentialsProviderConfig(
+                roleArn, roleSessionName, region, serviceEndpoint, externalId);
+        StsAssumeRoleCredentialsProvider stsAssumeRoleCredentialsProvider =
+                StsAssumeRoleCredentialsProviderFactory.createProvider(config);
+        return stsAssumeRoleCredentialsProvider.resolveCredentials();
+    }
+
+    @Override
+    public void acceptEndpoint(String serviceEndpoint, String signingRegion) {
+        this.serviceEndpoint = serviceEndpoint;
+        this.region = Region.of(signingRegion);
+    }
+
+    @Override
+    public void acceptEndpointRegion(Region region) {
+        this.region = region;
+    }
+
+    @Override
+    public void acceptExternalId(String externalId) {
+        this.externalId = externalId;
+    }
+}
diff --git a/...n/java/software/amazon/kinesis/multilang/auth/StsAssumeRoleCredentialsProviderConfig.java b/...n/java/software/amazon/kinesis/multilang/auth/StsAssumeRoleCredentialsProviderConfig.java
@@ -0,0 +1,24 @@
+package software.amazon.kinesis.multilang.auth;
+
+import lombok.Getter;
+import lombok.Setter;
+import software.amazon.awssdk.regions.Region;
+
+@Getter
+@Setter
+public class StsAssumeRoleCredentialsProviderConfig {
+    private final String roleArn;
+    private final String roleSessionName;
+    private final Region region;
+    private final String serviceEndpoint;
+    private final String externalId;
+
+    public StsAssumeRoleCredentialsProviderConfig(
+            String roleArn, String roleSessionName, Region region, String serviceEndpoint, String externalId) {
+        this.roleArn = roleArn;
+        this.roleSessionName = roleSessionName;
+        this.region = region;
+        this.serviceEndpoint = serviceEndpoint;
+        this.externalId = externalId;
+    }
+}
diff --git a/.../java/software/amazon/kinesis/multilang/auth/StsAssumeRoleCredentialsProviderFactory.java b/.../java/software/amazon/kinesis/multilang/auth/StsAssumeRoleCredentialsProviderFactory.java
@@ -0,0 +1,40 @@
+package software.amazon.kinesis.multilang.auth;
+
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import software.amazon.awssdk.services.sts.StsClient;
+import software.amazon.awssdk.services.sts.StsClientBuilder;
+import software.amazon.awssdk.services.sts.auth.StsAssumeRoleCredentialsProvider;
+import software.amazon.awssdk.services.sts.model.AssumeRoleRequest;
+
+public class StsAssumeRoleCredentialsProviderFactory {
+
+    public static StsAssumeRoleCredentialsProvider createProvider(StsAssumeRoleCredentialsProviderConfig config) {
+        StsClientBuilder stsClientBuilder = StsClient.builder();
+
+        if (config.getRegion() != null) {
+            stsClientBuilder.region(config.getRegion());
+        }
+
+        if (config.getServiceEndpoint() != null) {
+            try {
+                stsClientBuilder.endpointOverride(new URI(config.getServiceEndpoint()));
+            } catch (URISyntaxException e) {
+                throw new IllegalArgumentException("Invalid service endpoint: " + config.getServiceEndpoint(), e);
+            }
+        }
+
+        StsClient stsClient = stsClientBuilder.build();
+
+        AssumeRoleRequest assumeRoleRequest = AssumeRoleRequest.builder()
+                .roleArn(config.getRoleArn())
+                .roleSessionName(config.getRoleSessionName())
+                .build();
+
+        return StsAssumeRoleCredentialsProvider.builder()
+                .refreshRequest(assumeRoleRequest)
+                .stsClient(stsClient)
+                .build();
+    }
+}