Uploaded image for project: 'Service Packs and Hot Fixes'
  1. Service Packs and Hot Fixes
  2. MNT-20260

APS S3 does not work with GovCloud and AmazonS3Client deprecated


    • Bug Priority:
      Category 1
    • ACT Numbers:




      The S3 connector for APS does not work with GovCloud, though GovCloud is in the enum region list of the SDK. The regions is not set for the s3 client therefore it defaults to something else. APS does not provide bucket location/region or endpoint properties to set.

      There are a few main issues:

      1 > We do not set the region, the region defaults to default provider and in this case fails with GovCloud. The regions are enumerated so can be set from this.

      2 > AmazonS3Client is deprecated. We are using a deprecated method for s3 client.

      3 > version sdk is outdated: aws-java-sdk-s3-1.11.335.jar ( APS), current version 1.11.473

      Customer (Jeff Potts provided a fix, which workS by getting and setting the region from the list of enum regions in the source code (com.activiti.content.storage.s3.AmazonS3ContentStorage) with the deprecated AmazonS3Client method.

      s3client = new AmazonS3Client(new BasicAWSCredentials(accessKey, secretKey));

      But in actuality this should be fixed to use the non-deprecated AmazonS3ClientBuilder:

      BasicAWSCredentials awsCreds = new BasicAWSCredentials("access_key_id", "secret_key_id");
      AmazonS3 s3Client = AmazonS3ClientBuilder.standard()
                              .withCredentials(new AWSStaticCredentialsProvider(awsCreds))

      Replication Steps

      • set S3 configuration for APS using GovCloud bucket

      Additional Information

      APS uses

      • aws-java-sdk-ec2-1.11.335.jar
      • aws-java-sdk-core-1.11.335.jar
      • aws-java-sdk-kms-1.11.335.jar
      • aws-java-sdk-s3-1.11.335.jar

      so, s3 version 1.11.335 : http://central.maven.org/maven2/com/amazonaws/aws-java-sdk-s3/1.11.335/

      Looking at the sources jar for 1.11.335 sdk s3, it includes US_GovCloud("us-gov-west-1") in the enum Region list. So the region is available (enumerated) in the aws-java-sdk-s3 that is in use. But it does not work with our implementation.

      The AmazonS3Client is deprecated. Instead the AmazonS3ClientBuilder should be used.


      • ./activiti-bpm-suite/content-storage-s3/src/main/java/com/activiti/content/storage/s3/AmazonS3ContentStorage.java
      . . .
      private AmazonS3 s3client;
          private String bucket;
          private String objectKeyPrefix;
          public AmazonS3ContentStorage(String accessKey, String secretKey, String bucket, String objectKeyPrefix) {
              this.bucket = bucket;
              this.objectKeyPrefix = objectKeyPrefix;
              // Create shared instance of S3 client
              s3client = new AmazonS3Client(new BasicAWSCredentials(accessKey, secretKey));
      . . .
      • ./activiti-bpm-suite/activiti-app/src/main/java/com/activiti/conf/ContentStorageConfiguration.java
      public class ContentStorageConfiguration {
      . . . 
          private static final String PROP_S3_ACCESS_KEY = "contentstorage.s3.accessKey";
          private static final String PROP_S3_SECRET_KEY = "contentstorage.s3.secretKey";
          private static final String PROP_S3_BUCKET_NAME = "contentstorage.s3.bucketName";
          private static final String PROP_S3_OBJECT_KEY_PREFIX = "contentstorage.s3.objectKeyPrefix";
      . . .


          Issue Links




                • Assignee:
                  mhowarth Mark Howarth [X] (Inactive)
                  jsoria Jennie Soria [X] (Inactive)
                • Votes:
                  0 Vote for this issue
                  6 Start watching this issue


                  • Created:

                    Structure Helper Panel