Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Destination Iceberg V2: support aws instance profile auth #50876

Merged
merged 9 commits into from
Jan 10, 2025
Merged

Destination Iceberg V2: support aws instance profile auth #50876

merged 9 commits into from
Jan 10, 2025

Conversation

edgao
Copy link
Contributor

@edgao edgao commented Jan 3, 2025
edited
Loading

this seems to work:

  • iceberg defaults to the default creds provider chain
  • so if we stop throwing on null access key/secret, and just don't set those values
  • then it will fallback to instance creds if needed

also, updates the CDK to log the throwable during a check failure. afaict platform doesn't expose the trace message, and I don't know if we actually want to dump the full stacktrace into the check status message.

@frifriSF59 lmk if you already have something like this as part of https://github.com/airbytehq/airbyte-internal-issues/issues/11082 though

(take from beta channel https://airbytehq-team.slack.com/archives/C087GAG7X25/p1735921337428349 )

@edgao edgao requested a review from frifriSF59 January 3, 2025 18:48
@edgao edgao requested a review from a team as a code owner January 3, 2025 18:48
@vercel Vercel
Copy link

vercel bot commented Jan 3, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
airbyte-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jan 10, 2025 6:55pm

@edgao edgao marked this pull request as draft January 3, 2025 19:13
@octavia-squidington-iii octavia-squidington-iii added the CDK Connector Development Kit label Jan 3, 2025
Base automatically changed from edgao/iceberg_release to master January 3, 2025 22:02
@edgao edgao changed the title Destination Iceberg V2: maybe support aws instance profile auth? Destination Iceberg V2: support aws instance profile auth Jan 3, 2025
@edgao edgao marked this pull request as ready for review January 3, 2025 22:28
@edgao edgao force-pushed the edgao/iceberg_better_creds_handling branch from 37c4d02 to 0b42c56 Compare January 3, 2025 22:29
@blarghmatey
Copy link
Contributor

For the eventual reviewer, I was able to test this and successfully authenticate via an IAM instance role without providing the IAM key and secret using the 0.2.6-dev.37c4d02c2e tag of the built image.

@octavia-squidington-iii octavia-squidington-iii added the area/documentation Improvements or additions to documentation label Jan 9, 2025
frifriSF59
frifriSF59 reviewed Jan 9, 2025
View reviewed changes
...3-data-lake/src/main/kotlin/io/airbyte/integrations/destination/iceberg/v2/io/IcebergUtil.kt Outdated

// If we don't have explicit S3 creds, fall back to the default creds provider chain.
// For example, this should allow us to use AWS instance profiles.
val awsAccessKeyId = config.awsAccessKeyConfiguration.accessKeyId
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is fine but now that I see this behavior, I think you are right, we should use that pattern for the Assume role path. I don't think we should make the change in this PR though

@edgao edgao enabled auto-merge (squash) January 10, 2025 18:49
@edgao edgao merged commit 78c4375 into master Jan 10, 2025
32 checks passed
@edgao edgao deleted the edgao/iceberg_better_creds_handling branch January 10, 2025 19:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@frifriSF59 frifriSF59 frifriSF59 approved these changes

Assignees
No one assigned
Labels
area/connectors Connector related issues area/documentation Improvements or additions to documentation CDK Connector Development Kit connectors/destination/iceberg-v2 connectors/destination/s3-data-lake
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@edgao @blarghmatey @frifriSF59 @octavia-squidington-iii