audienceproject/spark-dynamodb

Providing a region and a roleArn still uses global STS endpoint

Closed this issue · 0 comments

jhulten commented

When you pass a roleArn and a region, a AWSSecurityTokenServiceClient is built that still uses the global STS endpoint. This does not allow use in an isolated VPC outside of us-east-1.

spark-dynamodb/src/main/scala/com/audienceproject/spark/dynamodb/connector/DynamoConnector.scala

Lines 78 to 82 in f4bfff1

val stsClient = AWSSecurityTokenServiceClientBuilder
.standard()
.withCredentials(new DefaultAWSCredentialsProviderChain)
.withRegion(chosenRegion)
.build()