Credentials Provider Chain (Expansion)

[forbode]

Currently the Auto Configure Credentials provider chain is insufficient for most of my usage. While I do love autoconfiguration in this case it does not have a fallback to the default credentials provider when the following is true:

1. You are using ContextCredentialsAutoconfiguration https://github.com/spring-cloud/spring-cloud-aws/blob/master/spring-cloud-aws-autoconfigure/src/main/java/org/springframework/cloud/aws/autoconfigure/context/ContextCredentialsAutoConfiguration.java

2. You are NOT using instance profile credentials

3. You are not configuring the key and secret in application.properties

In the above case it will fail no matter if you set the Environment or system variables for the key and secret.
Perhaps you could check the Application Properties credentials first and if those fail proceed to the default. Unless I am missing something glaring this is not the case.

My argument is as follows:

1. You shouldn't be setting the keys in your application.properties either way. This is a security issue.
2. In some cases, for local testing, you may want to set them in properties file (that are not checked into source control), but if you don't you want to fall back to something (system, env).

Thank you for the great work.

[forbode]

A small update. No matter how I tried to exclude the ContextCredentialsAutoConfiguration I could not stop it from loading, then replacing, the default credentials chain. On my local computer I had the default profile set so it worked, but when deploying with Boxfuse (a great deploy tool) it did not because there is no profile present locally (It deploys on a VirtualBox VM).

I have since removed any Spring Cloud AWS Auto Configuration through maven exclusions, configured my own, and it's booting successfully (and much faster).

[spencergibb]

Closing this due to inactivity. Please re-open if there's more to discuss.