From fd0ccd558715fc1e964755d2ebf7c9ca9fa1d7ee Mon Sep 17 00:00:00 2001 From: Jesse Szwedko Date: Fri, 1 Sep 2023 10:24:47 -0400 Subject: [PATCH] fix(aws provider): Don't unwap external_id (#18452) This field is optional. Closes: #18340 Signed-off-by: Jesse Szwedko --- src/aws/auth.rs | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/src/aws/auth.rs b/src/aws/auth.rs index 665f382c33d73..d05d479aaaab1 100644 --- a/src/aws/auth.rs +++ b/src/aws/auth.rs @@ -221,11 +221,15 @@ impl AwsAuthentication { )); if let Some(assume_role) = assume_role { let auth_region = region.clone().map(Region::new).unwrap_or(service_region); - let auth_external_id = external_id.clone().unwrap(); - let provider = AssumeRoleProviderBuilder::new(assume_role) - .region(auth_region) - .external_id(auth_external_id) - .build(provider); + let mut builder = + AssumeRoleProviderBuilder::new(assume_role).region(auth_region); + + if let Some(external_id) = external_id { + builder = builder.external_id(external_id) + } + + let provider = builder.build(provider); + return Ok(SharedCredentialsProvider::new(provider)); } Ok(provider) @@ -253,11 +257,16 @@ impl AwsAuthentication { .. } => { let auth_region = region.clone().map(Region::new).unwrap_or(service_region); - let auth_external_id = external_id.clone().unwrap(); - let provider = AssumeRoleProviderBuilder::new(assume_role) - .region(auth_region.clone()) - .external_id(auth_external_id) - .build(default_credentials_provider(auth_region, *imds).await?); + let mut builder = + AssumeRoleProviderBuilder::new(assume_role).region(auth_region.clone()); + + if let Some(external_id) = external_id { + builder = builder.external_id(external_id) + } + + let provider = + builder.build(default_credentials_provider(auth_region, *imds).await?); + Ok(SharedCredentialsProvider::new(provider)) } AwsAuthentication::Default { imds, region, .. } => Ok(SharedCredentialsProvider::new(