Credentials provider changes - AWS SDK for Java 2.x

Credentials provider changes

This section provides a mapping of the name changes of credentials provider classes and methods between versions 1.x and 2.x of the AWS SDK for Java.

Notable differences

  • The default credentials provider loads system properties before environment variables in version 2.x. For more information, see Using credentials.

  • The constructor method is replaced with the create or builder methods.

    DefaultCredentialsProvider.create();
  • Asynchronous refresh is no longer set by default. You must specify it with the builder of the credentials provider.

    ContainerCredentialsProvider provider = ContainerCredentialsProvider.builder() .asyncCredentialUpdateEnabled(true) .build();
  • You can specify a path to a custom profile file using the ProfileCredentialsProvider.builder().

    ProfileCredentialsProvider profile = ProfileCredentialsProvider.builder() .profileFile(ProfileFile.builder().content(Paths.get("myProfileFile.file")).build()) .build();
  • Profile file format has changed to more closely match the AWS CLI. For details, see Configuring the AWS CLI in the AWS Command Line Interface User Guide.

Credentials provider changes mapped between versions 1.x and 2.x

AWSCredentialsProvider

Change category 1.x 2.x
Package/class name com.amazonaws.auth.AWSCredentialsProvider software.amazon.awssdk.auth.credentials.AwsCredentialsProvider
Method name getCredentials resolveCredentials
Unsupported method refresh Not supported

DefaultAWSCredentialsProviderChain

Change category 1.x 2.x
Package/class name com.amazonaws.auth.DefaultAWSCredentialsProviderChain software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider
Creation new DefaultAWSCredentialsProviderChain DefaultCredentialsProvider.create
Unsupported method getInstance Not supported
Priority order of external settings

Environment variables before system properties

System properties before environment variables

AWSStaticCredentialsProvider

Change category 1.x 2.x
Package/class name com.amazonaws.auth.AWSStaticCredentialsProvider software.amazon.awssdk.auth.credentials.StaticCredentialsProvider
Creation new AWSStaticCredentialsProvider StaticCredentialsProvider.create

EnvironmentVariableCredentialsProvider

Change category 1.x 2.x
Package/class name com.amazonaws.auth.EnvironmentVariableCredentialsProvider software.amazon.awssdk.auth.credentials.EnvironmentVariableCredentialsProvider
Creation new EnvironmentVariableCredentialsProvider EnvironmentVariableCredentialsProvider.create
Environment variable name AWS_ACCESS_KEY AWS_ACCESS_KEY_ID
AWS_SECRET_KEY AWS_SECRET_ACCESS_KEY

SystemPropertiesCredentialsProvider

Change category 1.x 2.x
Package/class name com.amazonaws.auth.SystemPropertiesCredentialsProvider software.amazon.awssdk.auth.credentials.SystemPropertyCredentialsProvider
Creation new SystemPropertiesCredentialsProvider SystemPropertiesCredentialsProvider.create
System property name aws.secretKey aws.secretAccessKey

ProfileCredentialsProvider

Change category 1.x 2.x
Package/class name com.amazonaws.auth.profile.ProfileCredentialsProvider software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider
Creation new ProfileCredentialsProvider ProfileCredentialsProvider.create
Location of custom profile
  • AWS_CREDENTIAL_PROFILES_FILE environment variable

  • new ProfileCredentialsProvider

  • AWS_SHARED_CREDENTIALS_FILE environment variable

  • ProfileCredentialsProvider.builder

ContainerCredentialsProvider

Change category 1.x 2.x
Package/class name com.amazonaws.auth.ContainerCredentialsProvider software.amazon.awssdk.auth.credentials.ContainerCredentialsProvider
Creation new ContainerCredentialsProvider ContainerCredentialsProvider.create
Specify asynchronous refresh Not supported Default behavior

InstanceProfileCredentialsProvider

Change category 1.x 2.x
Package/class name com.amazonaws.auth.InstanceProfileCredentialsProvider software.amazon.awssdk.auth.credentials.InstanceProfileCredentialsProvider
Creation new InstanceProfileCredentialsProvider InstanceProfileCredentialsProvider.create
Specify asynchronous refresh new InstanceProfileCredentialsProvider(true)

InstanceProfilerCredentialProvider.builder().asyncCredentialUpdateEnabled(true).build()

System property name com.amazonaws.sdk.disableEc2Metadata aws.disableEc2Metadata
com.amazonaws.sdk.ec2MetadataServiceEndpointOverride aws.ec2MetadataServiceEndpoint

STSAssumeRoleSessionCredentialsProvider

Change category 1.x 2.x
Package/class name com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider software.amazon.awssdk.services.sts.auth.StsAssumeRoleCredentialsProvider
Creation
  • new STSAssumeRoleSessionCredentialsProvider

  • new STSAssumeRoleSessionCredentialsProvider.Builder

StsAssumeRoleCredentialsProvider.builder
Asynchronous refresh Default behavior Default behavior
Configuration new STSAssumeRoleSessionCredentialsProvider.Builder Configure a StsClient and AssumeRoleRequest request

STSSessionCredentialsProvider

Change category 1.x 2.x
Package/class name com.amazonaws.auth.STSSessionCredentialsProvider software.amazon.awssdk.services.sts.auth.StsGetSessionTokenCredentialsProvider
Creation

new STSAssumeRoleSessionCredentialsProvider

StsGetSessionTokenCredentialsProvider.builder
Asynchronous refresh Default behavior StsGetSessionTokenCredentialsProvider.builder
Configuration Constructor parameters Configure an StsClient and GetSessionTokenRequest request in a builder

WebIdentityFederationSessionCredentialsProvider

Change category 1.x 2.x
Package/class name com.amazonaws.auth.WebIdentityFederationSessionCredentialsProvider software.amazon.awssdk.services.sts.auth.StsAssumeRoleWithWebIdentityCredentialsProviderr
Creation

new WebIdentityFederationSessionCredentialsProvider

StsAssumeRoleWithWebIdentityCredentialsProvider.builder
Asynchronous refresh Default behavior StsAssumeRoleWithWebIdentityCredentialsProvider.builder
Configuration Constructor parameters Configure an StsClient and AssumeRoleWithWebIdentityRequest request in a builder

Classes replaced

1.x class 2.x replacement classes
com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper software.amazon.awssdk.auth.credentials.ContainerCredentialsProvider and software.amazon.awssdk.auth.credentials.InstanceProfileCredentialsProvider
com.amazonaws.services.s3.S3CredentialsProviderChain software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider and software.amazon.awssdk.auth.credentials.AnonymousCredentialsProvider

Classes removed

1.x class
com.amazonaws.auth.ClasspathPropertiesFileCredentialsProvider
com.amazonaws.auth.PropertiesFileCredentialsProvider