Package org.apache.iceberg.aws

Class AwsClientProperties

java.lang.Object
org.apache.iceberg.aws.AwsClientProperties
All Implemented Interfaces:
Serializable
public class AwsClientProperties extends Object implements Serializable
See Also:

  • Field Details

    • CLIENT_CREDENTIALS_PROVIDER

      public static final String CLIENT_CREDENTIALS_PROVIDER
      Configure the AWS credentials provider used to create AWS clients. A fully qualified concrete class with package that implements the AwsCredentialsProvider interface is required.

      Additionally, the implementation class must also have a create() or create(Map) method implemented, which returns an instance of the class that provides aws credentials provider.

      Example: client.credentials-provider=software.amazon.awssdk.auth.credentials.SystemPropertyCredentialsProvider

      When set, the default client factory AwsClientFactories.defaultFactory() and other AWS client factory classes will use this provider to get AWS credentials provided instead of reading the default credential chain to get AWS access credentials.

      See Also:

    • CLIENT_CREDENTIAL_PROVIDER_PREFIX

      protected static final String CLIENT_CREDENTIAL_PROVIDER_PREFIX
      Used by the client.credentials-provider configured value that will be used by AwsClientFactories.defaultFactory() and other AWS client factory classes to pass provider-specific properties. Each property consists of a key name and an associated value.
      See Also:

    • CLIENT_REGION

      public static final String CLIENT_REGION
      Used by AwsClientFactories.DefaultAwsClientFactory and also other client factory classes. If set, all AWS clients except STS client will use the given region instead of the default region chain.
      See Also:

    • REFRESH_CREDENTIALS_ENDPOINT

      public static final String REFRESH_CREDENTIALS_ENDPOINT
      When set, the VendedCredentialsProvider will be used to fetch and refresh vended credentials from this endpoint.
      See Also:

    • REFRESH_CREDENTIALS_ENABLED

      public static final String REFRESH_CREDENTIALS_ENABLED
      Controls whether vended credentials should be refreshed or not. Defaults to true.
      See Also:

    • LEGACY_MD5_PLUGIN_ENABLED

      public static final String LEGACY_MD5_PLUGIN_ENABLED
      Controls whether legacy MD5 plugin should be added or not. Defaults to false. AWS SDK version 2.30.0 introduced integrity protections that are not backward compatible. Enable this property only when you need to access older S3-compatible object storages that depend on the legacy MD5 checksum.
      See Also:

  • Constructor Details

    • AwsClientProperties

      public AwsClientProperties()

    • AwsClientProperties

      public AwsClientProperties(Map<String,String> properties)

  • Method Details

    • clientRegion

      public String clientRegion()

    • setClientRegion

      public void setClientRegion(String clientRegion)

    • applyClientRegionConfiguration

      public <BuilderT extends software.amazon.awssdk.awscore.client.builder.AwsClientBuilder<BuilderT, ClientT>, ClientT> void applyClientRegionConfiguration(BuilderT builder)
      Configure a client AWS region.

      Sample usage: 

           S3Client.builder().applyMutation(awsClientProperties::applyClientRegionConfiguration)

    • applyClientRegionConfiguration

      public <T extends software.amazon.awssdk.services.s3.S3CrtAsyncClientBuilder> void applyClientRegionConfiguration(T builder)
      Configure an S3 CRT client region.

      Sample usage: 

           S3AsyncClient.crtBuilder().applyMutation(awsClientProperties::applyClientRegionConfiguration)

    • applyClientCredentialConfigurations

      public <BuilderT extends software.amazon.awssdk.awscore.client.builder.AwsClientBuilder<BuilderT, ClientT>, ClientT> void applyClientCredentialConfigurations(BuilderT builder)
      Configure the credential provider for AWS clients.

      Sample usage: 

           DynamoDbClient.builder().applyMutation(awsClientProperties::applyClientCredentialConfigurations)

    • applyClientCredentialConfigurations

      public <T extends software.amazon.awssdk.services.s3.S3CrtAsyncClientBuilder> void applyClientCredentialConfigurations(T builder)
      Configure the credential provider for S3 CRT clients.

      Sample usage: 

           S3AsyncClient.crtBuilder().applyMutation(awsClientProperties::applyClientCredentialConfigurations)

    • credentialsProvider

      public software.amazon.awssdk.auth.credentials.AwsCredentialsProvider credentialsProvider(String accessKeyId, String secretAccessKey, String sessionToken)
      Returns a credentials provider instance. If refreshCredentialsEndpoint is set, an instance of VendedCredentialsProvider is returned. If params were set, we return a new credentials instance. If none of the params are set, we try to dynamically load the provided credentials provider class. Upon loading the class, we try to invoke create(Map<String, String>) static method. If that fails, we fall back to create(). If credential provider class wasn't set, we fall back to default credentials provider.
      Parameters:
      accessKeyId - the AWS access key ID
      secretAccessKey - the AWS secret access key
      sessionToken - the AWS session token
      Returns:
      a credentials provider instance

    • applyRetryConfigurations

      public <BuilderT extends software.amazon.awssdk.awscore.client.builder.AwsClientBuilder<BuilderT, ClientT>, ClientT> void applyRetryConfigurations(BuilderT builder)
      Configure RetryMode to ADAPTIVE_V2 for AWS clients

      Sample usage: 

         KmsClient.builder().applyMutation(awsClientProperties::applyRetryConfigurations)

    • applyLegacyMd5Plugin

      public <BuilderT extends software.amazon.awssdk.awscore.client.builder.AwsClientBuilder<BuilderT, ClientT>, ClientT> void applyLegacyMd5Plugin(BuilderT builder)
      Add a legacy md5 plugin if it is enabled.

      Sample usage: 

           S3Client.builder().applyMutation(awsClientProperties::applyLegacyMd5Plugin)