fix(FS-1204): ibm watsonx s3 destination bucket auth (#594)

Author: mpolomdeepsense

CHANGELOG.md

@@ -1,3 +1,7 @@
+## 1.2.14
+
+* **Fix: IBM watsonx.data S3 bucket authentication fix**
+
 ## 1.2.13
 
 * **Feat: Make Bedrock embedding credentials optional and add IAM support**

test/unit/connectors/ibm_watsonx/test_ibm_watsonx_s3.py

@@ -243,6 +243,7 @@ def test_ibm_watsonx_connection_config_get_catalog_success(
             "s3.access-key-id": "test_access_key_id",
             "s3.secret-access-key": "test_secret_access_key",
             "s3.region": "test_region",
+            "header.X-Iceberg-Access-Delegation": None,
         }
     )
 

unstructured_ingest/__version__.py

@@ -1 +1 @@
-__version__ = "1.2.13"  # pragma: no cover
+__version__ = "1.2.14"  # pragma: no cover

unstructured_ingest/processes/connectors/ibm_watsonx/ibm_watsonx_s3.py

@@ -147,6 +147,10 @@ def get_catalog_config(self) -> dict[str, Any]:
             "s3.access-key-id": self.access_config.get_secret_value().access_key_id,
             "s3.secret-access-key": self.access_config.get_secret_value().secret_access_key,
             "s3.region": self.object_storage_region,
+            # By default this header is set to `vended-credentials`, and default bucket
+            # configuration doesn't allow vending credentials. We need to set it to `None`
+            # in order to use user-provided S3 credentials.
+            "header.X-Iceberg-Access-Delegation": None,
         }
 
     @requires_dependencies(["pyiceberg"], extras="ibm-watsonx-s3")