Are AWS's AsyncClients in Java Thread-Safe and Long-Lasting?

Question

I intended to send messages to SNS then I found a AmazonSNSClient. I tried this.

AWSCredentials credentials = new DefaultAWSCredentialsProviderChain()
  .getCredentials();
AmazonSNSClient client = new AmazonSNSClient(credentials);

I made my service instance hold this client to survive it forever, but at some point, errors began to happen.

com.amazonaws.AmazonServiceException: 
The security token included in the request is expired 
(Service: AmazonSNS; Status Code: 403; Error Code: ExpiredToken; 
Request ID: d4bf427c-5b60-568b-a91c-0ea88356bc69)

Obviously, this was because AmazonSNSClient is not designed to stay alive and be used multiple times. AmazonSNSAsyncClient seems to suit that usage.

My question is AmazonSNSAsyncClient is thread-safe? and is AmazonSNSAsyncClient expected to be used multiple times without token request expired?

Thank you for reading this.

I asked AWS support a similar problem on DynamoDB, said, I have to use AWSCredentials instead of AWSCredentialsProvider. Although it isn't an answer about SNSClient, I think it might work.

Answer 1

By using "new DefaultAWSCredentialsProviderChain().getCredentials()", you're taking a snapshot of the AWS credentials at that point in time and providing them to the SNS client. If you find that you're getting an ExpiredToken error after some point in time, it's very likely that you're depending on rotating credentials provided by an EC2 role.

Instead of passing AWSCredentials into the SNS client, try passing in an instance of DefaultAWSCredentialsProviderChain. That should take care of auto-refreshing of credentials when they expire.

You'd have the same issue with the async client.