use of com.amazonaws.SdkBaseException in project aws-msk-iam-auth by aws.
the class MSKCredentialProvider method loadCredentialsWithRetry.
private AWSCredentials loadCredentialsWithRetry() {
RetryPolicyContext retryPolicyContext = RetryPolicyContext.builder().build();
boolean shouldTry = true;
try {
while (shouldTry) {
try {
AWSCredentials credentials = compositeDelegate.getCredentials();
if (credentials == null) {
throw new SdkClientException("Composite delegate returned empty credentials.");
}
return credentials;
} catch (SdkBaseException se) {
log.warn("Exception loading credentials. Retry Attempts: {}", retryPolicyContext.retriesAttempted(), se);
retryPolicyContext = createRetryPolicyContext(se, retryPolicyContext.retriesAttempted());
shouldTry = retryPolicy.shouldRetry(retryPolicyContext);
if (shouldTry) {
Thread.sleep(retryPolicy.computeDelayBeforeNextRetry(retryPolicyContext));
retryPolicyContext = createRetryPolicyContext(retryPolicyContext.exception(), retryPolicyContext.retriesAttempted() + 1);
} else {
throw se;
}
}
}
throw new SdkClientException("loadCredentialsWithRetry in unexpected location " + retryPolicyContext.totalRequests(), retryPolicyContext.exception());
} catch (InterruptedException ie) {
Thread.currentThread().interrupt();
throw new RuntimeException("Interrupted while waiting for credentials.", ie);
}
}
use of com.amazonaws.SdkBaseException in project aws-msk-iam-auth by aws.
the class MSKCredentialProviderTest method setupMockStsRoleCredentialsProviderWithRetriableExceptions.
private STSAssumeRoleSessionCredentialsProvider setupMockStsRoleCredentialsProviderWithRetriableExceptions(int numErrors) {
SdkBaseException[] exceptionsToThrow = getSdkBaseExceptions(numErrors);
STSAssumeRoleSessionCredentialsProvider mockStsRoleProvider = Mockito.mock(STSAssumeRoleSessionCredentialsProvider.class);
Mockito.when(mockStsRoleProvider.getCredentials()).thenThrow(exceptionsToThrow).thenReturn(new BasicSessionCredentials(ACCESS_KEY_VALUE, SECRET_KEY_VALUE, SESSION_TOKEN));
return mockStsRoleProvider;
}
use of com.amazonaws.SdkBaseException in project aws-msk-iam-auth by aws.
the class MSKCredentialProviderTest method setupMockDefaultProviderWithRetriableExceptions.
private AWSCredentialsProvider setupMockDefaultProviderWithRetriableExceptions(int numErrors) {
SdkBaseException[] exceptionsToThrow = getSdkBaseExceptions(numErrors);
EC2ContainerCredentialsProviderWrapper mockEc2Provider = Mockito.mock(EC2ContainerCredentialsProviderWrapper.class);
Mockito.when(mockEc2Provider.getCredentials()).thenThrow(exceptionsToThrow).thenReturn(new BasicAWSCredentials(ACCESS_KEY_VALUE_TWO, SECRET_KEY_VALUE_TWO));
return mockEc2Provider;
}
use of com.amazonaws.SdkBaseException in project cloudbreak by hortonworks.
the class AwsCredentialConnectorTest method testVerifyByServiceIfRoleBasedCredentialVerificationThrowsSdkBaseExceptionThenFailed503StatusShouldReturn.
@Test
public void testVerifyByServiceIfRoleBasedCredentialVerificationThrowsSdkBaseExceptionThenFailed503StatusShouldReturn() throws IOException {
URL url = Resources.getResource("definitions/aws-environment-minimal-policy.json");
String awsEnvPolicy = Resources.toString(url, UTF_8);
String encodedAwsEnvPolicy = Base64.getEncoder().encodeToString(awsEnvPolicy.getBytes());
List<String> services = List.of("ml");
Map<String, String> experiencePrerequisites = Map.of("ml", encodedAwsEnvPolicy);
String roleArn = "someRoleArn";
when(credentialView.getRoleArn()).thenReturn(roleArn);
String exceptionMessageComesFromSdk = "SomethingTerribleHappened!";
String expectedExceptionMessage = String.format("Unable to verify credential: check if the role '%s' exists and it's created with the correct " + "external ID. Cause: '%s'", roleArn, exceptionMessageComesFromSdk);
Exception sdkException = new SdkBaseException(exceptionMessageComesFromSdk);
when(awsPlatformParameters.getEnvironmentMinimalPoliciesJson()).thenReturn(Map.of(PolicyType.PUBLIC, encodedAwsEnvPolicy, PolicyType.GOV, encodedAwsEnvPolicy));
when(credentialClient.retrieveSessionCredentials(any())).thenThrow(sdkException);
CDPServicePolicyVerificationResponses result = underTest.verifyByServices(authenticatedContext, services, experiencePrerequisites);
assertNotNull(result);
assertEquals(result.getResults().size(), 1);
assertEquals(result.getResults().stream().findFirst().get().getServiceName(), "ml");
assertEquals(result.getResults().stream().findFirst().get().getServiceStatus(), expectedExceptionMessage);
assertEquals(result.getResults().stream().findFirst().get().getStatusCode(), 503);
}
use of com.amazonaws.SdkBaseException in project cloudbreak by hortonworks.
the class AwsCredentialConnectorTest method testVerifyIfRoleBasedCredentialVerificationThrowsSdkBaseExceptionThenFailedStatusShouldReturn.
@Test
public void testVerifyIfRoleBasedCredentialVerificationThrowsSdkBaseExceptionThenFailedStatusShouldReturn() throws AwsPermissionMissingException, IOException {
URL url = Resources.getResource("definitions/aws-environment-minimal-policy.json");
String awsEnvPolicy = Resources.toString(url, UTF_8);
String encodedAwsEnvPolicy = Base64.getEncoder().encodeToString(awsEnvPolicy.getBytes());
String roleArn = "someRoleArn";
when(credentialView.getRoleArn()).thenReturn(roleArn);
String exceptionMessageComesFromSdk = "SomethingTerribleHappened!";
String expectedExceptionMessage = String.format("Unable to verify credential: check if the role '%s' exists and it's created with the correct " + "external ID. Cause: '%s'", roleArn, exceptionMessageComesFromSdk);
Exception sdkException = new SdkBaseException(exceptionMessageComesFromSdk);
when(awsPlatformParameters.getEnvironmentMinimalPoliciesJson()).thenReturn(Map.of(PolicyType.PUBLIC, encodedAwsEnvPolicy, PolicyType.GOV, encodedAwsEnvPolicy));
doThrow(sdkException).when(awsCredentialVerifier).validateAws(credentialView, encodedAwsEnvPolicy);
CloudCredentialStatus result = underTest.verify(authenticatedContext, CREDENTIAL_VERIFICATION_CONTEXT);
assertNotNull(result);
assertEquals(CredentialStatus.FAILED, result.getStatus());
assertEquals(expectedExceptionMessage, result.getStatusReason());
assertEquals(sdkException, result.getException());
verify(awsCredentialVerifier, times(1)).validateAws(any(), any());
verify(awsCredentialVerifier, times(1)).validateAws(credentialView, encodedAwsEnvPolicy);
}
Aggregations