-
Enhancement
-
Resolution: Done
-
Minor
-
None
-
None
-
False
-
None
-
False
Feature request or enhancement
I'm trying to run Debezium Server with kinesis as a sink on a container in the AWS ECS cluster, using an IAM role.
Searching on the project in GitHub, I saw that the kinesis java file (https://github.com/debezium/debezium-server/blob/main/debezium-server-kinesis/src/main/java/io/debezium/server/kinesis/KinesisChangeConsumer.java) uses the ProfileCredentialsProvider class for getting the credentials, which obtain the infos from the profile files (~/.aws/), but it is not automatically created on the ECS container image.
So I have to run a script for writing those files by hand, what is not a good thing to do.
Besides of that, I have to keep checking for token expiration.
Looking on AWS SDK developer guide, I found the default credentials provider chain page (https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html), what seems to be the best approach for that case.
Which use case/requirement will be addressed by the proposed feature?
The proposed feature will attend everyone who wants to run Debezium Server inside a container on the AWS ECS cluster service.
Furthermore it will attend all aws sdk available credentials providers.
Implementation ideas (optional)
The simplest and best alternative is just remove the .credentialsProvider from the KinesisClientBuilder, so it will use the default credential provider chain.
- links to
-
RHEA-2023:120698 Red Hat build of Debezium 2.3.4 release