Revert "AWS auth role additions for runtime secrets mgr" (#10302)

airbyte-config/config-secrets/src/main/kotlin/secrets/persistence/AwsSecretManagerPersistence.kt

@@ -11,7 +11,6 @@ import com.amazonaws.regions.Regions
 import com.amazonaws.secretsmanager.caching.SecretCache
 import com.amazonaws.services.secretsmanager.AWSSecretsManager
 import com.amazonaws.services.secretsmanager.AWSSecretsManagerClientBuilder
-import com.amazonaws.services.secretsmanager.model.AWSSecretsManagerException
 import com.amazonaws.services.secretsmanager.model.CreateSecretRequest
 import com.amazonaws.services.secretsmanager.model.DeleteSecretRequest
 import com.amazonaws.services.secretsmanager.model.ResourceNotFoundException
@@ -55,24 +54,7 @@ class AwsSecretManagerPersistence(private val awsClient: AwsClient, private val
     payload: String,
   ) {
     Preconditions.checkArgument(payload.isNotEmpty(), "Payload shouldn't be empty")
-    val existingSecret =
-      try {
-        read(coordinate)
-      } catch (e: AWSSecretsManagerException) {
-        // We use tags to control access to secrets.
-        // The AWS SDK doesn't differentiate between role access exceptions and secret not found exceptions to prevent leaking information.
-        // Because of this we catch the exception and if it's due to the assumed-role not having access, we just ignore it and proceed.
-        // In theory, the secret should not exist, and we will go straight to attempting to create which is safe because:
-        // 1. Update and create are distinct actions and we can't create over an already existing secret so we should get an error and no-op
-        // 2. If the secret does exist, we will get an error and no-op
-        if (e.localizedMessage.contains("assumed-role")) {
-          logger.info { "AWS exception caught - Secret ${coordinate.coordinateBase} not found" }
-          ""
-        } else {
-          throw e
-        }
-      }
-    if (existingSecret.isNotEmpty()) {
+    if (read(coordinate).isNotEmpty()) {
       logger.debug { "Secret ${coordinate.coordinateBase} found updating payload." }
       val request =
         UpdateSecretRequest()

airbyte-config/config-secrets/src/main/kotlin/secrets/persistence/RuntimeSecretPersistence.kt

@@ -12,8 +12,8 @@ import io.github.oshai.kotlinlogging.KotlinLogging
 import io.micronaut.context.annotation.Property
 import kotlin.jvm.optionals.getOrElse
 
-private const val AWS_ASSUME_ROLE_ACCESS_KEY_ID = "AWS_ASSUME_ROLE_ACCESS_KEY_ID"
-private const val AWS_ASSUME_ROLE_SECRET_ACCESS_KEY = "AWS_ASSUME_ROLE_SECRET_ACCESS_KEY"
+private const val AWS_ACCESS_KEY = "AWS_ACCESS_KEY_ID"
+private const val AWS_SECRET_ACCESS_KEY = "AWS_SECRET_ACCESS_KEY"
 
 /**
  * Class representing a RuntimeSecretPersistence to be used for BYO secrets customers.
@@ -22,10 +22,10 @@ class RuntimeSecretPersistence(private val secretPersistenceConfig: SecretPersis
   private val log = KotlinLogging.logger {}
 
   @Property(name = "airbyte.secret.store.aws.access-key")
-  private val awsAccessKey: String? = System.getenv(AWS_ASSUME_ROLE_ACCESS_KEY_ID)
+  private val awsAccessKey: String? = System.getenv(AWS_ACCESS_KEY)
 
   @Property(name = "airbyte.secret.store.aws.secret-key")
-  private val awsSecretKey: String? = System.getenv(AWS_ASSUME_ROLE_SECRET_ACCESS_KEY)
+  private val awsSecretKey: String? = System.getenv(AWS_SECRET_ACCESS_KEY)
 
   private fun buildSecretPersistence(secretPersistenceConfig: SecretPersistenceConfig): SecretPersistence {
     return when (secretPersistenceConfig.secretPersistenceType) {