Skip to content

SDK Ignores 'endpoint_url' property of AWS config profiles #5475

New issue
New issue
Not planned
Not planned
SDK Ignores 'endpoint_url' property of AWS config profiles#5475
Labels
bugThis issue is a bug.needs-triageThis issue or PR still needs to be triaged.
@Jgb14002

Description

@Jgb14002
Jgb14002
opened on Aug 6, 2024

Describe the bug

When you specify a profile under ~/.aws/config such as:

[profile localstack]
endpoint_url = http://localhost:4566
region = us-west-1
output = json

When the SDK is using this profile as the active profile, the endpoint_url property is ignored by the SDK. When service endpoints are resolved, they are resolved to their respective defaults, although the region property is used as expected.

For example, using such a configuration results in an SQS endpoint of https://sqs.us-west-1.amazonaws.com

This is contrary to the behavior of the AWS CLI which uses the property correctly.

Expected Behavior

When the active profile specifies an endpoint_url, SDK endpoint resolution for AWS services should use the endpoint_url

Current Behavior

The endpoint_url property is ignored.

2024-08-06T20:07:06.874Z DEBUG 96095 --- [rating-admin] [ecycle-thread-2] s.a.a.a.c.AwsCredentialsProviderChain    : Loading credentials from ProfileCredentialsProvider(profileName=localstack, profileFile=ProfileFile(sections=[profiles, sso-session], profiles=[Profile(name=localstack, properties=[output, endpoint_url, region, aws_access_key_id, aws_secret_access_key])]))
2024-08-06T20:07:06.886Z DEBUG 96095 --- [rating-admin] [ecycle-thread-2] s.a.a.c.i.ExecutionInterceptorChain      : Interceptor 'software.amazon.awssdk.services.sqs.endpoints.internal.SqsRequestSetEndpointInterceptor@455d04df' modified the message with its modifyHttpRequest method.
2024-08-06T20:07:06.898Z DEBUG 96095 --- [rating-admin] [ecycle-thread-2] software.amazon.awssdk.request           : Sending Request: DefaultSdkHttpFullRequest(httpMethod=POST, protocol=https, host=sqs.us-west-1.amazonaws.com, encodedPath=/, headers=[amz-sdk-invocation-id, Content-Length, Content-Type, User-Agent, X-Amz-Target], queryParameters=[])
2024-08-06T20:07:06.899Z DEBUG 96095 --- [rating-admin] [ecycle-thread-2] s.a.a.c.i.io.SdkLengthAwareInputStream   : Specified InputStream length of 30 has been reached. Returning EOF.
2024-08-06T20:07:06.901Z DEBUG 96095 --- [rating-admin] [ecycle-thread-2] s.amazon.awssdk.auth.signer.Aws4Signer   : AWS4 Canonical Request: POST
/

amz-sdk-invocation-id:cb528f43-e513-0e6c-5183-81425a55d1dc
amz-sdk-request:attempt=1; max=4
content-length:30
content-type:application/x-amz-json-1.0
host:sqs.us-west-1.amazonaws.com
x-amz-date:20240806T200706Z
x-amz-target:AmazonSQS.GetQueueUrl

amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date;x-amz-target
f1a6b9ba8c41e194c0698ca930f5ee2021bb286402c3aa639c53a3149b908355

You can see the actual endpoint being used is sqs.us-west-1.amazonaws.com

Reproduction Steps

Create an ~/.aws/config file:

[profile localstack]
endpoint_url = http://localhost:4566
region = us-west-1
output = json

Create an ~/.aws/credentials file:

[localstack]
aws_access_key_id = localstack
aws_secret_access_key = localstack

Run the following code:

package org.example;

import java.util.concurrent.ExecutionException;
import software.amazon.awssdk.services.sqs.SqsAsyncClient;

public class Main {

  public static void main(String[] args) {
    // For example purposes so that it can be resolved
    System.setProperty("aws.profile", "localstack");
    try (SqsAsyncClient client = SqsAsyncClient.create()) {
      client.listQueues().get();
    } catch (InterruptedException | ExecutionException e) {
      e.printStackTrace();
    }
  }
}

You will get an error Caused by: software.amazon.awssdk.services.sqs.model.SqsException: The security token included in the request is invalid. (Service: Sqs, Status Code: 403, Request ID: 360407ba-8ce1-5488-a853-589605d82591) since it is using the default endpoint and not the one specified in the profile.

Possible Solution

No response

Additional Information/Context

https://aws.amazon.com/blogs/developer/new-improved-flexibility-when-configuring-endpoint-urls-with-the-aws-sdks-and-tools/

AWS Java SDK version used

2.21.46 (applies to 2.26.31)

JDK version used

openjdk 21.0.2 2024-01-16

Operating System and version

MacOS 14.3

Activity

Jgb14002
added
bugThis issue is a bug.
needs-triageThis issue or PR still needs to be triaged.
on Aug 6, 2024
debora-ito

debora-ito commented on Aug 6, 2024

@debora-ito
debora-ito
on Aug 6, 2024
Member

Java SDK 2.x does not support endpoint overrides yet, we are tracking here: #4501.

Closing this as a duplicate.

debora-ito
closed this as not plannedon Aug 6, 2024
github-actions

github-actions commented on Aug 6, 2024

@github-actions
github-actionsbot
on Aug 6, 2024

This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugThis issue is a bug.needs-triageThis issue or PR still needs to be triaged.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @debora-ito@Jgb14002

        Issue actions
          SDK Ignores 'endpoint_url' property of AWS config profiles · Issue #5475 · aws/aws-sdk-java-v2