Add ability to configure your own AWSCredentialsProvider

[peterox]

The Spring boot auto configuration will always register an AWSCredentialsProvider making it impossible to register your own.

Adding a conditional to ContextCredentialsAutoConfiguration

@ConditionalOnMissingBean(AWSCredentialsProvider.class)
@Configuration
@Import({ContextDefaultConfigurationRegistrar.class, ContextCredentialsAutoConfiguration.Registrar.class})
public class ContextCredentialsAutoConfiguration {

would allow for something like

    @Bean(name = {CredentialsProviderFactoryBean.CREDENTIALS_PROVIDER_BEAN_NAME, AmazonWebserviceClientConfigurationUtils.CREDENTIALS_PROVIDER_BEAN_NAME} )
    public static AWSCredentialsProviderChain credentialsProvider(Environment environment) {
        return new AWSCredentialsProviderChain(
                new EnvironmentVariableCredentialsProvider(),
                new SystemPropertiesCredentialsProvider(),
                new ProfileCredentialsProvider(),
                new InstanceProfileCredentialsProvider(),
                new StaticCredentialsProvider(new BasicAWSCredentials(environment.getProperty("cloud.aws.credentials.accessKey",""),
                        environment.getProperty("cloud.aws.credentials.secretKey",""))));
    }

[ryangardner]

It also seems that the documentation is not in line with the behavior -

the documentation state at http://cloud.spring.io/spring-cloud-aws/spring-cloud-aws.html states:

"The com.amazonaws.auth.DefaultAWSCredentialsProviderChain is used by all the clients if there is no dedicated credentials provider defined."

The ContextCredentialsAutoConfiguration seems to always create its own credentials provider - but I really do want the DefaultAWSCredentialsProviderChain

[Qvazar]

Bump.
I need to use ContainerCredentialsProvider inside an ECS container to get the IAM role credentials assigned to the container.
How would I do this currently with 1.1.1?

[ryangardner]

I'm not one of the authors, @Qvazar - it seems that there's no way to avoid it registering a credentials provider factory in the bean registry with a certain name - but it seems like you can at least get it to not use that provider chain by making your own and marking it as @Primary

Try doing something like this:

    @Bean
    @Primary
    public AWSCredentialsProvider awsCredentialsProvider() {
        return new DefaultAWSCredentialsProviderChain();
    }

The DefaultAWSCredentialsProviderChain is pretty darn good. It has several providers it wraps and one of them is the EC2ConatinerCredentialsProviderWrapper that will should pull the credentials out for you...

(In #170 I have a patch that would make this thing use the DefaultAWSCredentialsProviderChain, but in the long term I really wonder if it wouldn't be better to remove all of this stuff altogether and have people either use the DefaultAWSCredentialsProviderChain or if they need a different one have them create their own @Bean)

[Qvazar]

That seems to work great, thank you @ryangardner !