fix(aws service): Revert AWS-SDK updates (#16651)

* Revert "chore(deps): upgrade AWS crates to v0.54.1 (#16443)"

This reverts commit 0d084c2.

* Revert "chore(deps): Update aws-sdks to 0.23 and aws supporting crates to 0.53 (#16365)"

This reverts commit f4e90e1.

Cargo.toml

@@ -169,22 +169,21 @@ metrics = "0.20.1"
 metrics-tracing-context = { version = "0.12.0", default-features = false }
 
 # AWS - Official SDK
-aws-sdk-s3 = { version = "0.24.0", default-features = false, features = ["native-tls"], optional = true }
-aws-sdk-sqs = { version = "0.24.0", default-features = false, features = ["native-tls"], optional = true }
-aws-sdk-cloudwatch = { version = "0.24.0", default-features = false, features = ["native-tls"], optional = true }
-aws-sdk-cloudwatchlogs = { version = "0.24.0", default-features = false, features = ["native-tls"], optional = true }
-aws-sdk-elasticsearch = {version = "0.24.0", default-features = false, features = ["native-tls"], optional = true }
-aws-sdk-firehose = { version = "0.24.0", default-features = false, features = ["native-tls"], optional = true }
-aws-sdk-kinesis = { version = "0.24.0", default-features = false, features = ["native-tls"], optional = true }
-aws-types = { version = "0.54.1", default-features = false, optional = true }
-aws-sigv4 = { version = "0.54.1", default-features = false, features = ["sign-http"], optional = true }
-aws-config = { version = "0.54.1", default-features = false, features = ["native-tls"], optional = true }
-aws-credential-types = { version = "0.54.1", default-features = false, features = ["hardcoded-credentials"], optional = true }
-aws-smithy-async = { version = "0.54.4", default-features = false, optional = true }
-aws-smithy-client = { version = "0.54.4", default-features = false, features = ["client-hyper"], optional = true}
-aws-smithy-http = { version = "0.54.1", default-features = false, features = ["event-stream"], optional = true }
-aws-smithy-http-tower = { version = "0.54.4", default-features = false, optional = true }
-aws-smithy-types = { version = "0.54.1", default-features = false, optional = true }
+aws-sdk-s3 = { version = "0.21.0", default-features = false, features = ["native-tls"], optional = true }
+aws-sdk-sqs = { version = "0.21.0", default-features = false, features = ["native-tls"], optional = true }
+aws-sdk-cloudwatch = { version = "0.21.0", default-features = false, features = ["native-tls"], optional = true }
+aws-sdk-cloudwatchlogs = { version = "0.21.0", default-features = false, features = ["native-tls"], optional = true }
+aws-sdk-elasticsearch = {version = "0.21.0", default-features = false, features = ["native-tls"], optional = true }
+aws-sdk-firehose = { version = "0.21.0", default-features = false, features = ["native-tls"], optional = true }
+aws-sdk-kinesis = { version = "0.21.0", default-features = false, features = ["native-tls"], optional = true }
+aws-types = { version = "0.51.0", default-features = false, features = ["hardcoded-credentials"], optional = true }
+aws-sigv4 = { version = "0.53.0", default-features = false, features = ["sign-http"], optional = true }
+aws-config = { version = "0.51.0", default-features = false, features = ["native-tls"], optional = true }
+aws-smithy-async = { version = "0.51.0", default-features = false, optional = true }
+aws-smithy-client = { version = "0.51.0", default-features = false, features = ["client-hyper"], optional = true}
+aws-smithy-http = { version = "0.51.0", default-features = false, features = ["event-stream"], optional = true }
+aws-smithy-http-tower = { version = "0.54.1", default-features = false, optional = true }
+aws-smithy-types = { version = "0.51.0", default-features = false, optional = true }
 
 # Azure
 azure_core = { git = "https://github.com/Azure/azure-sdk-for-rust.git", rev = "b4544d4920fa3064eb921340054cd9cc130b7664", default-features = false, features = ["enable_reqwest"], optional = true }
@@ -443,7 +442,6 @@ api-client = [
 
 aws-core = [
   "aws-config",
-  "dep:aws-credential-types",
   "dep:aws-sigv4",
   "dep:aws-types",
   "dep:aws-smithy-async",

scripts/integration/aws/compose.yaml

@@ -7,7 +7,6 @@ services:
     image: docker.io/localstack/localstack-full:0.11.6
     environment:
     - SERVICES=kinesis,s3,cloudwatch,elasticsearch,es,firehose,sqs
-    - DEBUG=1
   mock-watchlogs:
     image: docker.io/luciofranco/mockwatchlogs:latest
   mock-ecs:

src/aws/auth.rs

@@ -3,11 +3,7 @@ use std::time::Duration;
 use aws_config::{
     default_provider::credentials::DefaultCredentialsChain, imds, sts::AssumeRoleProviderBuilder,
 };
-use aws_credential_types::{
-    cache::CredentialsCache, provider::SharedCredentialsProvider, Credentials,
-};
-use aws_types::region::Region;
-
+use aws_types::{credentials::SharedCredentialsProvider, region::Region, Credentials};
 use serde_with::serde_as;
 use vector_common::sensitive_string::SensitiveString;
 use vector_config::configurable_component;
@@ -129,27 +125,6 @@ pub enum AwsAuthentication {
 }
 
 impl AwsAuthentication {
-    pub async fn credentials_cache(&self) -> crate::Result<CredentialsCache> {
-        match self {
-            AwsAuthentication::Role {
-                load_timeout_secs, ..
-            }
-            | AwsAuthentication::Default {
-                load_timeout_secs, ..
-            } => {
-                let credentials_cache = CredentialsCache::lazy_builder()
-                    .load_timeout(
-                        load_timeout_secs
-                            .map(Duration::from_secs)
-                            .unwrap_or(DEFAULT_LOAD_TIMEOUT),
-                    )
-                    .into_credentials_cache();
-
-                Ok(credentials_cache)
-            }
-            _ => Ok(CredentialsCache::lazy()),
-        }
-    }
     pub async fn credentials_provider(
         &self,
         service_region: Region,
@@ -168,19 +143,25 @@ impl AwsAuthentication {
             }
             AwsAuthentication::Role {
                 assume_role,
+                load_timeout_secs,
                 imds,
                 region,
-                ..
             } => {
                 let auth_region = region.clone().map(Region::new).unwrap_or(service_region);
                 let provider = AssumeRoleProviderBuilder::new(assume_role)
                     .region(auth_region.clone())
-                    .build(default_credentials_provider(auth_region, *imds).await?);
+                    .build(
+                        default_credentials_provider(auth_region, *load_timeout_secs, *imds)
+                            .await?,
+                    );
 
                 Ok(SharedCredentialsProvider::new(provider))
             }
-            AwsAuthentication::Default { imds, .. } => Ok(SharedCredentialsProvider::new(
-                default_credentials_provider(service_region, *imds).await?,
+            AwsAuthentication::Default {
+                load_timeout_secs,
+                imds,
+            } => Ok(SharedCredentialsProvider::new(
+                default_credentials_provider(service_region, *load_timeout_secs, *imds).await?,
             )),
         }
     }
@@ -196,6 +177,7 @@ impl AwsAuthentication {
 
 async fn default_credentials_provider(
     region: Region,
+    load_timeout_secs: Option<u64>,
     imds: ImdsAuthentication,
 ) -> crate::Result<SharedCredentialsProvider> {
     let client = imds::Client::builder()
@@ -205,13 +187,16 @@ async fn default_credentials_provider(
         .build()
         .await?;
 
-    let credentials_provider = DefaultCredentialsChain::builder()
+    let chain = DefaultCredentialsChain::builder()
         .region(region)
         .imds_client(client)
-        .build()
-        .await;
+        .load_timeout(
+            load_timeout_secs
+                .map(Duration::from_secs)
+                .unwrap_or(DEFAULT_LOAD_TIMEOUT),
+        );
 
-    Ok(SharedCredentialsProvider::new(credentials_provider))
+    Ok(SharedCredentialsProvider::new(chain.build().await))
 }
 
 #[cfg(test)]