Add aws sts library to support IRSA for logging

airbyte-commons-worker/build.gradle

@@ -29,9 +29,9 @@ dependencies {
     annotationProcessor libs.lombok
     implementation libs.bundles.apache
     implementation libs.bundles.log4j
-    implementation libs.aws.java.sdk.s3
     implementation libs.google.cloud.storage
     implementation libs.aws.java.sdk.s3
+    implementation libs.aws.java.sdk.sts
     implementation libs.s3
 
     implementation project(':airbyte-api')

airbyte-commons/src/main/resources/log4j2.xml

@@ -12,8 +12,6 @@
 
         <Property name="s3-bucket">${sys:S3_LOG_BUCKET:-${env:S3_LOG_BUCKET}}</Property>
         <Property name="s3-region">${sys:S3_LOG_BUCKET_REGION:-${env:S3_LOG_BUCKET_REGION}}</Property>
-        <Property name="s3-aws-key">${sys:AWS_ACCESS_KEY_ID:-${env:AWS_ACCESS_KEY_ID}}</Property>
-        <Property name="s3-aws-secret">${sys:AWS_SECRET_ACCESS_KEY:-${env:AWS_SECRET_ACCESS_KEY}}</Property>
         <Property name="s3-minio-endpoint">${sys:S3_MINIO_ENDPOINT:-${env:S3_MINIO_ENDPOINT}}</Property>
         <Property name="s3-path-style-access">${sys:S3_PATH_STYLE_ACCESS:-${env:S3_PATH_STYLE_ACCESS}}</Property>
 
@@ -102,7 +100,6 @@
                       verbose="true"
                       stagingBufferAge="1"
                       s3Bucket="${s3-bucket}" s3Path="job-logging${ctx:cloud_job_log_path}" s3Region="${s3-region}"
-                      s3AwsKey="${s3-aws-key}" s3AwsSecret="${s3-aws-secret}"
                       s3ServiceEndpoint="${s3-minio-endpoint}" s3PathStyleAccess="${s3-path-style-access}"
                       gcpStorageBucket="${gcs-log-bucket}" gcpStorageBlobNamePrefix="job-logging${ctx:cloud_job_log_path}">
                         <PatternLayout pattern="${default-pattern}"/>
@@ -126,7 +123,6 @@
                                     verbose="true"
                                     stagingBufferAge="1"
                                     s3Bucket="${s3-bucket}" s3Path="job-logging${ctx:cloud_job_log_path}" s3Region="${s3-region}"
-                                    s3AwsKey="${s3-aws-key}" s3AwsSecret="${s3-aws-secret}"
                                     s3ServiceEndpoint="${s3-minio-endpoint}" s3PathStyleAccess="${s3-path-style-access}"
                                     gcpStorageBucket="${gcs-log-bucket}" gcpStorageBlobNamePrefix="job-logging${ctx:cloud_job_log_path}">
                         <PatternLayout pattern="${simple-pattern}"/>
@@ -168,7 +164,6 @@
                     <Log4j2Appender name="app-logging/${ctx:cloud_workspace_app_root}/"
                       stagingBufferAge="1"
                       s3Bucket="${s3-bucket}" s3Path="app-logging${ctx:cloud_workspace_app_root}" s3Region="${s3-region}"
-                      s3AwsKey="${s3-aws-key}" s3AwsSecret="${s3-aws-secret}"
                       s3ServiceEndpoint="${s3-minio-endpoint}" s3PathStyleAccess="${s3-path-style-access}"
                       gcpStorageBucket="${gcs-log-bucket}" gcpStorageBlobNamePrefix="app-logging${ctx:cloud_workspace_app_root}">
                         <PatternLayout pattern="${default-pattern}"/>

airbyte-config/config-models/build.gradle

@@ -18,6 +18,7 @@ dependencies {
     annotationProcessor libs.lombok
     implementation libs.google.cloud.storage
     implementation libs.aws.java.sdk.s3
+    implementation libs.aws.java.sdk.sts
     implementation libs.s3
     implementation libs.bundles.apache
 

airbyte-oauth/build.gradle

@@ -11,6 +11,7 @@ dependencies {
     implementation libs.bundles.apache
     implementation libs.appender.log4j2
     implementation libs.aws.java.sdk.s3
+    implementation libs.aws.java.sdk.sts
 
     implementation project(':airbyte-commons')
     implementation project(':airbyte-config:config-models')

airbyte-server/build.gradle

@@ -10,7 +10,7 @@ configurations.all {
         // instead of versions from transitive dependencies
         // Force to avoid updated version brought in transitively from Micronaut 3.8+
         // that is incompatible with our current Helm setup
-        force libs.flyway.core, libs.s3, libs.aws.java.sdk.s3
+        force libs.flyway.core, libs.s3, libs.aws.java.sdk.s3, libs.aws.java.sdk.sts
     }
 }
 
@@ -34,6 +34,7 @@ dependencies {
     implementation libs.flyway.core
     implementation libs.s3
     implementation libs.aws.java.sdk.s3
+    implementation libs.aws.java.sdk.sts
 
     implementation project(':airbyte-analytics')
     implementation project(':airbyte-api')

airbyte-workers/build.gradle

@@ -20,7 +20,7 @@ configurations.all {
     resolutionStrategy {
         // Ensure that the versions defined in deps.toml are used
         // instead of versions from transitive dependencies
-        force libs.flyway.core, libs.jooq, libs.s3, libs.aws.java.sdk.s3
+        force libs.flyway.core, libs.jooq, libs.s3, libs.aws.java.sdk.s3, libs.aws.java.sdk.sts
     }
 }
 
@@ -47,6 +47,7 @@ dependencies {
     implementation libs.jooq
     implementation libs.s3
     implementation libs.aws.java.sdk.s3
+    implementation libs.aws.java.sdk.sts
     implementation 'com.google.auth:google-auth-library-oauth2-http:1.4.0'
     implementation 'com.auth0:java-jwt:3.19.2'
     implementation libs.kubernetes.client

deps.toml

@@ -52,6 +52,7 @@ apache-cxf-core = { module = "org.apache.cxf:cxf-core", version = "3.4.2" }
 appender-log4j2 = { module = "com.therealvan:appender-log4j2", version = "3.6.0" }
 assertj-core = { module = "org.assertj:assertj-core", version = "3.21.0" }
 aws-java-sdk-s3 = { module = "com.amazonaws:aws-java-sdk-s3", version = "1.12.6" }
+aws-java-sdk-sts = {module = "com.amazonaws:aws-java-sdk-sts", version = "1.12.6"}
 byte-buddy = { module = "net.bytebuddy:byte-buddy", version = "1.12.14" }
 commons-io = { module = "commons-io:commons-io", version.ref = "commons_io" }
 connectors-testcontainers = { module = "org.testcontainers:testcontainers", version.ref = "connectors-testcontainers" }