Use DefaultAWSCredentialsProvider and DefaultAWSRegionProviderChain by default.

Fixes spring-attic#583
Closes spring-attic#568

Author: maciejwalkowiak

docs/src/main/asciidoc/_configprops.adoc

@@ -14,17 +14,14 @@
 |aws.secretsmanager.prefix | /secret | Prefix indicating first level for every property. Value must start with a forward slash followed by a valid path segment or be empty. Defaults to "/config".
 |aws.secretsmanager.profile-separator | _ | 
 |cloud.aws.credentials.access-key |  | The access key to be used with a static provider.
-|cloud.aws.credentials.instance-profile | true | Configures an instance profile credentials provider with no further configuration.
+|cloud.aws.credentials.instance-profile | false | Configures an instance profile credentials provider with no further configuration.
 |cloud.aws.credentials.profile-name |  | The AWS profile name.
 |cloud.aws.credentials.profile-path |  | The AWS profile path.
 |cloud.aws.credentials.secret-key |  | The secret key to be used with a static provider.
-|cloud.aws.credentials.use-default-aws-credentials-chain | false | Use the DefaultAWSCredentials Chain instead of configuring a custom credentials chain.
 |cloud.aws.loader.core-pool-size | 1 | The core pool size of the Task Executor used for parallel S3 interaction. @see org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor#setCorePoolSize(int)
 |cloud.aws.loader.max-pool-size |  | The maximum pool size of the Task Executor used for parallel S3 interaction. @see org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor#setMaxPoolSize(int)
 |cloud.aws.loader.queue-capacity |  | The maximum queue capacity for backed up S3 requests. @see org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor#setQueueCapacity(int)
-|cloud.aws.region.auto | true | Enables automatic region detection based on the EC2 meta data service.
 |cloud.aws.region.static |  | 
-|cloud.aws.region.use-default-aws-region-chain | false | Whether default AWS SDK region provider chain should be used when auto is set to true.
 |cloud.aws.stack.auto | true | Enables the automatic stack name detection for the application.
 |cloud.aws.stack.name |  | The name of the manually configured stack name that will be used to retrieve the resources.
 

docs/src/main/asciidoc/spring-cloud-aws.adoc

@@ -305,14 +305,16 @@ only configure classes that are available in the Spring Boot application's class
 ===== Configuring credentials
 Spring Boot provides a standard way to define properties with property file or YAML configuration files. Spring Cloud
 AWS provides support to configure the credential information with the Spring Boot application configuration files.
-Spring Cloud AWS provides the following properties to configure the credentials setup for the whole application.
 
-Unless `cloud.aws.credentials.use-default-aws-credentials-chain` is set to `true`, Spring Cloud AWS configures following
-credentials chain:
+By default Spring Cloud AWS configures https://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/auth/DefaultAWSCredentialsProviderChain.html[DefaultAWSCredentialsProviderChain] to resolve AWS credentials.
+
+If other credentials providers are configured, https://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/auth/DefaultAWSCredentialsProviderChain.html[DefaultAWSCredentialsProviderChain] is not used and Spring Cloud AWS configures following credentials chain:
 
 1. `AWSStaticCredentialsProvider` if `cloud.aws.credentials.access-key` is provided
-2. `EC2ContainerCredentialsProviderWrapper` unless `cloud.aws.credentials.instance-profile` is set to `false`
-3. `ProfileCredentialsProvider`
+2. `EC2ContainerCredentialsProviderWrapper` if `cloud.aws.credentials.instance-profile` is set to `true`
+3. `ProfileCredentialsProvider` if `cloud.aws.credentials.profile-name` is provided
+
+Spring Cloud AWS provides the following properties to configure the credentials setup for the whole application.
 
 [cols="3*", options="header"]
 |===
@@ -339,15 +341,11 @@ credentials chain:
 |cloud.aws.credentials.profile-path
 |`~/.aws/credentials`
 |The file path where the profile configuration file is located. Defaults to `~/.aws/credentials` if value is not provided
-
-|cloud.aws.credentials.use-default-aws-credentials-chain
-|true
-|Use the DefaultAWSCredentials Chain instead of configuring a custom credentials chain
 |===
 
 ===== Configuring region
 Like for the credentials, the Spring Cloud AWS module also supports the configuration of the region inside the Spring
-Boot configuration files. The region can be automatically detected or explicitly configured (e.g. in case of local tests
+Boot configuration files. The region can be automatically detected using https://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/regions/DefaultAwsRegionProviderChain.html[DefaultAwsRegionProviderChain] or explicitly configured (e.g. in case of local tests
 against the AWS cloud).
 
 The properties to configure the region are shown below
@@ -358,14 +356,6 @@ The properties to configure the region are shown below
 |example
 |description
 
-|cloud.aws.region.auto
-|true
-|Enables automatic region detection based on the EC2 meta data service
-
-|cloud.aws.region.use-default-aws-region-chain
-|true
-|Use the DefaultAWSRegion Chain instead of configuring a custom region chain
-
 |cloud.aws.region.static
 |eu-west-1
 |Configures a static region for the application. Possible regions are (currently) us-east-1, us-west-1, us-west-2,

spring-cloud-aws-autoconfigure/src/main/java/org/springframework/cloud/aws/autoconfigure/context/ContextCredentialsAutoConfiguration.java

@@ -16,100 +16,76 @@
 
 package org.springframework.cloud.aws.autoconfigure.context;
 
-import org.springframework.beans.factory.support.BeanDefinitionRegistry;
+import java.util.ArrayList;
+import java.util.List;
+
+import com.amazonaws.auth.AWSCredentialsProvider;
+import com.amazonaws.auth.AWSCredentialsProviderChain;
+import com.amazonaws.auth.AWSStaticCredentialsProvider;
+import com.amazonaws.auth.BasicAWSCredentials;
+import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
+import com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper;
+import com.amazonaws.auth.profile.ProfileCredentialsProvider;
+
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
-import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.cloud.aws.autoconfigure.context.properties.AwsCredentialsProperties;
-import org.springframework.cloud.aws.context.config.annotation.ContextDefaultConfigurationRegistrar;
-import org.springframework.cloud.aws.core.credentials.CredentialsProviderFactoryBean;
-import org.springframework.context.EnvironmentAware;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.context.annotation.ImportBeanDefinitionRegistrar;
-import org.springframework.core.env.Environment;
-import org.springframework.core.type.AnnotationMetadata;
 import org.springframework.util.StringUtils;
 
-import static com.amazonaws.auth.profile.internal.AwsProfileNameLoader.DEFAULT_PROFILE_NAME;
-import static org.springframework.cloud.aws.context.config.support.ContextConfigurationUtils.registerCredentialsProvider;
-import static org.springframework.cloud.aws.context.config.support.ContextConfigurationUtils.registerDefaultAWSCredentialsProvider;
+import static org.springframework.cloud.aws.core.config.AmazonWebserviceClientConfigurationUtils.CREDENTIALS_PROVIDER_BEAN_NAME;
 
 /**
+ * {@link EnableAutoConfiguration} for {@link AWSCredentialsProvider}.
+ *
  * @author Agim Emruli
+ * @author Maciej Walkowiak
  */
 @Configuration(proxyBeanMethods = false)
-@Import({ ContextDefaultConfigurationRegistrar.class,
-		ContextCredentialsAutoConfiguration.Registrar.class })
-@ConditionalOnClass(name = "com.amazonaws.auth.AWSCredentialsProvider")
+@EnableConfigurationProperties(AwsCredentialsProperties.class)
+@ConditionalOnClass(com.amazonaws.auth.AWSCredentialsProvider.class)
 public class ContextCredentialsAutoConfiguration {
 
-	/**
-	 * The prefix used for AWS credentials related properties.
-	 */
-	public static final String AWS_CREDENTIALS_PROPERTY_PREFIX = "cloud.aws.credentials";
+	@Bean(name = CREDENTIALS_PROVIDER_BEAN_NAME)
+	@ConditionalOnMissingBean(name = CREDENTIALS_PROVIDER_BEAN_NAME)
+	public AWSCredentialsProvider awsCredentialsProvider(
+			AwsCredentialsProperties properties) {
 
-	/**
-	 * Bind AWS credentials related properties to a property instance.
-	 * @return An {@link AwsCredentialsProperties} instance
-	 */
-	@Bean
-	@ConfigurationProperties(prefix = AWS_CREDENTIALS_PROPERTY_PREFIX)
-	public AwsCredentialsProperties awsCredentialsProperties() {
-		return new AwsCredentialsProperties();
-	}
+		List<AWSCredentialsProvider> providers = resolveCredentialsProviders(properties);
 
-	/**
-	 * Registrar for the credentials provider.
-	 */
-	public static class Registrar
-			implements ImportBeanDefinitionRegistrar, EnvironmentAware {
+		if (providers.isEmpty()) {
+			return new DefaultAWSCredentialsProviderChain();
+		}
+		else {
+			return new AWSCredentialsProviderChain(providers);
+		}
+	}
 
-		private Environment environment;
+	private List<AWSCredentialsProvider> resolveCredentialsProviders(
+			AwsCredentialsProperties properties) {
+		List<AWSCredentialsProvider> providers = new ArrayList<>();
 
-		@Override
-		public void setEnvironment(Environment environment) {
-			this.environment = environment;
+		if (StringUtils.hasText(properties.getAccessKey())
+				&& StringUtils.hasText(properties.getSecretKey())) {
+			providers.add(new AWSStaticCredentialsProvider(new BasicAWSCredentials(
+					properties.getAccessKey(), properties.getSecretKey())));
 		}
 
-		@Override
-		public void registerBeanDefinitions(AnnotationMetadata importingClassMetadata,
-				BeanDefinitionRegistry registry) {
-			// Do not register a credentials provider if a bean with the same name is
-			// already registered.
-			if (registry.containsBeanDefinition(
-					CredentialsProviderFactoryBean.CREDENTIALS_PROVIDER_BEAN_NAME)) {
-				return;
-			}
+		if (properties.isInstanceProfile()) {
+			providers.add(new EC2ContainerCredentialsProviderWrapper());
+		}
 
-			Boolean useDefaultCredentialsChain = this.environment
-					.getProperty(
-							AWS_CREDENTIALS_PROPERTY_PREFIX
-									+ ".use-default-aws-credentials-chain",
-							Boolean.class, false);
-			String accessKey = this.environment
-					.getProperty(AWS_CREDENTIALS_PROPERTY_PREFIX + ".access-key");
-			String secretKey = this.environment
-					.getProperty(AWS_CREDENTIALS_PROPERTY_PREFIX + ".secret-key");
-			if (useDefaultCredentialsChain && (StringUtils.isEmpty(accessKey)
-					|| StringUtils.isEmpty(secretKey))) {
-				registerDefaultAWSCredentialsProvider(registry);
-			}
-			else {
-				registerCredentialsProvider(registry, accessKey, secretKey,
-						this.environment.getProperty(
-								AWS_CREDENTIALS_PROPERTY_PREFIX + ".instance-profile",
-								Boolean.class, true)
-								&& !this.environment.containsProperty(
-										AWS_CREDENTIALS_PROPERTY_PREFIX + ".access-key"),
-						this.environment.getProperty(
-								AWS_CREDENTIALS_PROPERTY_PREFIX + ".profile-name",
-								DEFAULT_PROFILE_NAME),
-						this.environment.getProperty(
-								AWS_CREDENTIALS_PROPERTY_PREFIX + ".profile-path"));
-			}
+		if (properties.getProfileName() != null) {
+			providers.add(properties.getProfilePath() != null
+					? new ProfileCredentialsProvider(properties.getProfilePath(),
+							properties.getProfileName())
+					: new ProfileCredentialsProvider(properties.getProfileName()));
 		}
 
+		return providers;
 	}
 
 }

spring-cloud-aws-autoconfigure/src/main/java/org/springframework/cloud/aws/autoconfigure/context/ContextRegionProviderAutoConfiguration.java

@@ -16,20 +16,17 @@
 
 package org.springframework.cloud.aws.autoconfigure.context;
 
-import org.springframework.beans.factory.support.BeanDefinitionRegistry;
-import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.cloud.aws.autoconfigure.context.properties.AwsRegionProperties;
-import org.springframework.context.EnvironmentAware;
+import org.springframework.cloud.aws.core.region.DefaultAwsRegionProviderChainDelegate;
+import org.springframework.cloud.aws.core.region.RegionProvider;
+import org.springframework.cloud.aws.core.region.StaticRegionProvider;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.context.annotation.ImportBeanDefinitionRegistrar;
-import org.springframework.core.env.Environment;
-import org.springframework.core.type.AnnotationMetadata;
 import org.springframework.util.StringUtils;
 
 import static org.springframework.cloud.aws.context.config.support.ContextConfigurationUtils.REGION_PROVIDER_BEAN_NAME;
-import static org.springframework.cloud.aws.context.config.support.ContextConfigurationUtils.registerRegionProvider;
 
 /**
  * Region auto configuration, based on <a
@@ -38,58 +35,21 @@
  *
  * @author Agim Emruli
  * @author Petromir Dzhunev
+ * @author Maciej Walkowiak
  */
 @Configuration(proxyBeanMethods = false)
-@Import(ContextRegionProviderAutoConfiguration.Registrar.class)
+@EnableConfigurationProperties(AwsRegionProperties.class)
 public class ContextRegionProviderAutoConfiguration {
 
-	/**
-	 * The prefix used for AWS region related properties.
-	 */
-	public static final String AWS_REGION_PROPERTIES_PREFIX = "cloud.aws.region";
-
-	/**
-	 * Bind AWS region related properties to a property instance.
-	 * @return An {@link AwsRegionProperties} instance
-	 */
-	@Bean
-	@ConfigurationProperties(prefix = AWS_REGION_PROPERTIES_PREFIX)
-	public AwsRegionProperties awsRegionProperties() {
-		return new AwsRegionProperties();
-	}
-
-	static class Registrar implements EnvironmentAware, ImportBeanDefinitionRegistrar {
-
-		private Environment environment;
-
-		@Override
-		public void registerBeanDefinitions(AnnotationMetadata importingClassMetadata,
-				BeanDefinitionRegistry registry) {
-			// Do not register region provider if already existing
-			if (registry.containsBeanDefinition(REGION_PROVIDER_BEAN_NAME)) {
-				return;
-			}
-
-			boolean useDefaultRegionChain = this.environment.getProperty(
-					AWS_REGION_PROPERTIES_PREFIX + ".use-default-aws-region-chain",
-					Boolean.class, false);
-
-			String staticRegion = this.environment
-					.getProperty(AWS_REGION_PROPERTIES_PREFIX + ".static");
-
-			boolean autoDetect = this.environment.getProperty(
-					AWS_REGION_PROPERTIES_PREFIX + ".auto", Boolean.class, true)
-					&& !StringUtils.hasText(staticRegion);
-
-			registerRegionProvider(registry, autoDetect, useDefaultRegionChain,
-					staticRegion);
+	@ConditionalOnMissingBean(name = REGION_PROVIDER_BEAN_NAME)
+	@Bean(name = REGION_PROVIDER_BEAN_NAME)
+	RegionProvider regionProvider(AwsRegionProperties properties) {
+		if (StringUtils.hasText(properties.getStatic())) {
+			return new StaticRegionProvider(properties.getStatic());
 		}
-
-		@Override
-		public void setEnvironment(Environment environment) {
-			this.environment = environment;
+		else {
+			return new DefaultAwsRegionProviderChainDelegate();
 		}
-
 	}
 
 }

spring-cloud-aws-autoconfigure/src/main/java/org/springframework/cloud/aws/autoconfigure/context/properties/AwsCredentialsProperties.java

@@ -16,7 +16,7 @@
 
 package org.springframework.cloud.aws.autoconfigure.context.properties;
 
-import com.amazonaws.auth.profile.internal.AwsProfileNameLoader;
+import org.springframework.boot.context.properties.ConfigurationProperties;
 
 /**
  * Properties related to AWS credentials.
@@ -25,6 +25,7 @@
  * @since 2.0.2
  * @see org.springframework.cloud.aws.autoconfigure.context.ContextCredentialsAutoConfiguration
  */
+@ConfigurationProperties(prefix = "cloud.aws.credentials")
 public class AwsCredentialsProperties {
 
 	/**
@@ -40,18 +41,12 @@ public class AwsCredentialsProperties {
 	/**
 	 * Configures an instance profile credentials provider with no further configuration.
 	 */
-	private boolean instanceProfile = true;
-
-	/**
-	 * Use the DefaultAWSCredentials Chain instead of configuring a custom credentials
-	 * chain.
-	 */
-	private boolean useDefaultAwsCredentialsChain;
+	private boolean instanceProfile = false;
 
 	/**
 	 * The AWS profile name.
 	 */
-	private String profileName = AwsProfileNameLoader.DEFAULT_PROFILE_NAME;
+	private String profileName;
 
 	/**
 	 * The AWS profile path.
@@ -82,14 +77,6 @@ public void setInstanceProfile(boolean instanceProfile) {
 		this.instanceProfile = instanceProfile;
 	}
 
-	public boolean isUseDefaultAwsCredentialsChain() {
-		return this.useDefaultAwsCredentialsChain;
-	}
-
-	public void setUseDefaultAwsCredentialsChain(boolean useDefaultAwsCredentialsChain) {
-		this.useDefaultAwsCredentialsChain = useDefaultAwsCredentialsChain;
-	}
-
 	public String getProfileName() {
 		return this.profileName;
 	}