Skip to content

Commit

Permalink
Improve tests for remote session credentials
Browse files Browse the repository at this point in the history
  • Loading branch information
@vagaerg
vagaerg committed Aug 6, 2024
1 parent d956120 commit 4c83263
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 7 deletions.
4 changes: 3 additions & 1 deletion ...roxy/src/test/java/io/trino/aws/proxy/server/testing/TestingCredentialsRolesProvider.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,9 @@ public Optional<Credentials> credentials(String emulatedAccessKey, Optional<Stri
checkState(emulatedAccessKey.equals(session.sessionCredential.accessKey()), "emulatedAccessKey and session accessKey mismatch");

Credentials originalCredentials = requireNonNull(credentials.get(session.originalEmulatedAccessKey), "original credentials missing for: " + session.originalEmulatedAccessKey);
return Optional.of(Credentials.build(session.sessionCredential, originalCredentials.remote()));
return Optional.of(originalCredentials.remoteSessionRole()
.map(remoteSessionRole -> Credentials.build(session.sessionCredential, originalCredentials.requiredRemoteCredential(), remoteSessionRole))
.orElseGet(() -> Credentials.build(session.sessionCredential, originalCredentials.requiredRemoteCredential())));
});
}

Expand Down
13 changes: 7 additions & 6 deletions trino-aws-proxy/src/test/java/io/trino/aws/proxy/server/testing/containers/S3Container.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,12 +75,13 @@ public class S3Container
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::*"
]
"Action": "s3:*",
"Resource": "arn:aws:s3:::*",
"Condition": {
"StringEquals": {
"aws:principaltype": "AssumedRole"
}
}
}
]
}
Expand Down

0 comments on commit 4c83263

Please sign in to comment.