Ignore invalid ARNs when trying to parse accountId in assume role credentials.

Author: alextwoods

Diff for: gems/aws-sdk-core/CHANGELOG.md

@@ -3,6 +3,8 @@ Unreleased Changes
 
 * Issue - Add service identifiers to GlobalConfig's list of identifiers outside of autoload (#3113).
 
+* Issue - Ignore invalid ARNs when trying to parse accountId in assume role credentials.
+
 3.208.0 (2024-09-23)
 ------------------
 

Diff for: gems/aws-sdk-core/lib/aws-sdk-core/assume_role_credentials.rb

@@ -64,11 +64,17 @@ def initialize(options = {})
     def refresh
       c = @client.assume_role(@assume_role_params)
       creds = c.credentials
+      account_id =
+        begin
+          ARNParser.parse(c.assumed_role_user.arn).account_id
+        rescue Aws::Errors::InvalidARNError
+          nil
+        end
       @credentials = Credentials.new(
         creds.access_key_id,
         creds.secret_access_key,
         creds.session_token,
-        account_id: ARNParser.parse(c.assumed_role_user.arn).account_id
+        account_id: account_id
       )
       @expiration = creds.expiration
     end

Diff for: gems/aws-sdk-core/lib/aws-sdk-core/assume_role_web_identity_credentials.rb

@@ -75,11 +75,17 @@ def refresh
 
       c = @client.assume_role_with_web_identity(@assume_role_web_identity_params)
       creds = c.credentials
+      account_id =
+        begin
+          ARNParser.parse(c.assumed_role_user.arn).account_id
+        rescue Aws::Errors::InvalidARNError
+          nil
+        end
       @credentials = Credentials.new(
         creds.access_key_id,
         creds.secret_access_key,
         creds.session_token,
-        account_id: ARNParser.parse(c.assumed_role_user.arn).account_id
+        account_id: account_id
       )
       @expiration = creds.expiration
     end