aws · S-Saranya1 · Sep 16, 2025 · Sep 10, 2025 · Sep 10, 2025 · Sep 11, 2025
diff --git a/...h/src/main/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProvider.java b/...h/src/main/java/software/amazon/awssdk/auth/credentials/ContainerCredentialsProvider.java
@@ -39,6 +39,7 @@
 import software.amazon.awssdk.auth.credentials.internal.HttpCredentialsLoader.LoadedCredentials;
 import software.amazon.awssdk.core.SdkSystemSetting;
 import software.amazon.awssdk.core.exception.SdkClientException;
+import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId;
 import software.amazon.awssdk.core.util.SdkUserAgent;
 import software.amazon.awssdk.regions.util.ResourcesEndpointProvider;
 import software.amazon.awssdk.regions.util.ResourcesEndpointRetryPolicy;
@@ -72,7 +73,8 @@
 public final class ContainerCredentialsProvider
     implements HttpCredentialsProvider,
                ToCopyableBuilder<ContainerCredentialsProvider.Builder, ContainerCredentialsProvider> {
-    private static final String PROVIDER_NAME = "ContainerCredentialsProvider";
+    private static final String CLASS_NAME = "ContainerCredentialsProvider";
+    private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_HTTP.value();
     private static final Predicate<InetAddress> IS_LOOPBACK_ADDRESS = InetAddress::isLoopbackAddress;
     private static final Predicate<InetAddress> ALLOWED_HOSTS_RULES = IS_LOOPBACK_ADDRESS;
     private static final String HTTPS = "https";
@@ -90,6 +92,7 @@ public final class ContainerCredentialsProvider
     private final Boolean asyncCredentialUpdateEnabled;
 
     private final String asyncThreadName;
+    private final String source;
 
     /**
      * @see #builder()
@@ -98,7 +101,8 @@ private ContainerCredentialsProvider(BuilderImpl builder) {
         this.endpoint = builder.endpoint;
         this.asyncCredentialUpdateEnabled = builder.asyncCredentialUpdateEnabled;
         this.asyncThreadName = builder.asyncThreadName;
-        this.httpCredentialsLoader = HttpCredentialsLoader.create(PROVIDER_NAME);
+        this.source = builder.source;
+        this.httpCredentialsLoader = HttpCredentialsLoader.create(providerName());
 
         if (Boolean.TRUE.equals(builder.asyncCredentialUpdateEnabled)) {
             Validate.paramNotBlank(builder.asyncThreadName, "asyncThreadName");
@@ -126,7 +130,7 @@ public static Builder builder() {
 
     @Override
     public String toString() {
-        return ToString.create(PROVIDER_NAME);
+        return ToString.create(CLASS_NAME);
     }
 
     private RefreshResult<AwsCredentials> refreshCredentials() {
@@ -160,6 +164,14 @@ private Instant prefetchTime(Instant expiration) {
         return ComparableUtils.minimum(oneHourFromNow, fifteenMinutesBeforeExpiration);
     }
 
+    private String providerName() {
+        String providerName = PROVIDER_NAME;
+        if (source != null && !source.isEmpty()) {
+            providerName = String.format("%s,%s", source, providerName);
+        }
+        return providerName;
+    }
+
     @Override
     public AwsCredentials resolveCredentials() {
         return credentialsCache.get();
@@ -318,6 +330,7 @@ private static final class BuilderImpl implements Builder {
         private String endpoint;
         private Boolean asyncCredentialUpdateEnabled;
         private String asyncThreadName;
+        private String source;
 
         private BuilderImpl() {
             asyncThreadName("container-credentials-provider");
@@ -327,6 +340,7 @@ private BuilderImpl(ContainerCredentialsProvider credentialsProvider) {
             this.endpoint = credentialsProvider.endpoint;
             this.asyncCredentialUpdateEnabled = credentialsProvider.asyncCredentialUpdateEnabled;
             this.asyncThreadName = credentialsProvider.asyncThreadName;
+            this.source = credentialsProvider.source;
         }
 
         @Override
@@ -359,6 +373,16 @@ public void setAsyncThreadName(String asyncThreadName) {
             asyncThreadName(asyncThreadName);
         }
 
+        @Override
+        public Builder source(String source) {
+            this.source = source;
+            return this;
+        }
+
+        public void setSource(String source) {
+            source(source);
+        }
+
         @Override
         public ContainerCredentialsProvider build() {
             return new ContainerCredentialsProvider(this);

diff --git a/.../java/software/amazon/awssdk/auth/credentials/EnvironmentVariableCredentialsProvider.java b/.../java/software/amazon/awssdk/auth/credentials/EnvironmentVariableCredentialsProvider.java
@@ -18,6 +18,7 @@
 import java.util.Optional;
 import software.amazon.awssdk.annotations.SdkPublicApi;
 import software.amazon.awssdk.auth.credentials.internal.SystemSettingsCredentialsProvider;
+import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId;
 import software.amazon.awssdk.utils.SystemSetting;
 import software.amazon.awssdk.utils.ToString;
 
@@ -28,7 +29,8 @@
 @SdkPublicApi
 public final class EnvironmentVariableCredentialsProvider extends SystemSettingsCredentialsProvider {
 
-    private static final String PROVIDER_NAME = "EnvironmentVariableCredentialsProvider";
+    private static final String CLASS_NAME = "EnvironmentVariableCredentialsProvider";
+    private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_ENV_VARS.value();
 
     private EnvironmentVariableCredentialsProvider() {
     }
@@ -52,6 +54,6 @@ protected String provider() {
 
     @Override
     public String toString() {
-        return ToString.create(PROVIDER_NAME);
+        return ToString.create(CLASS_NAME);
     }
 }
diff --git a/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/HttpCredentialsProvider.java b/core/auth/src/main/java/software/amazon/awssdk/auth/credentials/HttpCredentialsProvider.java
@@ -48,6 +48,13 @@ interface Builder<TypeToBuildT extends HttpCredentialsProvider, BuilderT extends
          */
         BuilderT endpoint(String endpoint);
 
+        /**
+         * Configure the source of this credentials provider. This is used for business metrics tracking.
+         */
+        default BuilderT source(String source) {
+            throw new UnsupportedOperationException();
+        }
+
         /**
          * Build the credentials provider based on the configuration on this builder.
          */

diff --git a/...main/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProvider.java b/...main/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProvider.java
@@ -37,6 +37,7 @@
 import software.amazon.awssdk.core.SdkSystemSetting;
 import software.amazon.awssdk.core.exception.SdkClientException;
 import software.amazon.awssdk.core.exception.SdkServiceException;
+import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId;
 import software.amazon.awssdk.profiles.ProfileFile;
 import software.amazon.awssdk.profiles.ProfileFileSupplier;
 import software.amazon.awssdk.profiles.ProfileFileSystemSetting;
@@ -67,7 +68,8 @@ public final class InstanceProfileCredentialsProvider
     implements HttpCredentialsProvider,
                ToCopyableBuilder<InstanceProfileCredentialsProvider.Builder, InstanceProfileCredentialsProvider> {
     private static final Logger log = Logger.loggerFor(InstanceProfileCredentialsProvider.class);
-    private static final String PROVIDER_NAME = "InstanceProfileCredentialsProvider";
+    private static final String CLASS_NAME = "InstanceProfileCredentialsProvider";
+    private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_IMDS.value();
     private static final String EC2_METADATA_TOKEN_HEADER = "x-aws-ec2-metadata-token";
     private static final String SECURITY_CREDENTIALS_RESOURCE = "/latest/meta-data/iam/security-credentials/";
     private static final String TOKEN_RESOURCE = "/latest/api/token";
@@ -90,6 +92,8 @@ public final class InstanceProfileCredentialsProvider
 
     private final Duration staleTime;
 
+    private final String source;
+
     /**
      * @see #builder()
      */
@@ -102,8 +106,9 @@ private InstanceProfileCredentialsProvider(BuilderImpl builder) {
                                    .orElseGet(() -> ProfileFileSupplier.fixedProfileFile(ProfileFile.defaultProfileFile()));
         this.profileName = Optional.ofNullable(builder.profileName)
                                    .orElseGet(ProfileFileSystemSetting.AWS_PROFILE::getStringValueOrThrow);
+        this.source = builder.source;
 
-        this.httpCredentialsLoader = HttpCredentialsLoader.create(PROVIDER_NAME);
+        this.httpCredentialsLoader = HttpCredentialsLoader.create(providerName());
         this.configProvider =
             Ec2MetadataConfigProvider.builder()
                                      .profileFile(profileFile)
@@ -202,9 +207,17 @@ public void close() {
         credentialsCache.close();
     }
 
+    private String providerName() {
+        String providerName = PROVIDER_NAME;
+        if (source != null && !source.isEmpty()) {
+            providerName = String.format("%s,%s", source, providerName);
+        }
+        return providerName;
+    }
+
     @Override
     public String toString() {
-        return ToString.create(PROVIDER_NAME);
+        return ToString.create(CLASS_NAME);
     }
 
     private ResourcesEndpointProvider createEndpointProvider() {
@@ -372,6 +385,7 @@ static final class BuilderImpl implements Builder {
         private Supplier<ProfileFile> profileFile;
         private String profileName;
         private Duration staleTime;
+        private String source;
 
         private BuilderImpl() {
             asyncThreadName("instance-profile-credentials-provider");
@@ -385,6 +399,7 @@ private BuilderImpl(InstanceProfileCredentialsProvider provider) {
             this.profileFile = provider.profileFile;
             this.profileName = provider.profileName;
             this.staleTime = provider.staleTime;
+            this.source = provider.source;
         }
 
         Builder clock(Clock clock) {
@@ -463,6 +478,16 @@ public void setStaleTime(Duration duration) {
             staleTime(duration);
         }
 
+        @Override
+        public Builder source(String source) {
+            this.source = source;
+            return this;
+        }
+
+        public void setSource(String source) {
+            source(source);
+        }
+
         @Override
         public InstanceProfileCredentialsProvider build() {
             return new InstanceProfileCredentialsProvider(this);

diff --git a/...uth/src/main/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProvider.java b/...uth/src/main/java/software/amazon/awssdk/auth/credentials/ProcessCredentialsProvider.java
@@ -25,6 +25,7 @@
 import java.util.Collections;
 import java.util.List;
 import software.amazon.awssdk.annotations.SdkPublicApi;
+import software.amazon.awssdk.core.useragent.BusinessMetricFeatureId;
 import software.amazon.awssdk.protocols.jsoncore.JsonNode;
 import software.amazon.awssdk.protocols.jsoncore.JsonNodeParser;
 import software.amazon.awssdk.utils.DateUtils;
@@ -64,7 +65,8 @@ public final class ProcessCredentialsProvider
     implements AwsCredentialsProvider,
                SdkAutoCloseable,
                ToCopyableBuilder<ProcessCredentialsProvider.Builder, ProcessCredentialsProvider> {
-    private static final String PROVIDER_NAME = "ProcessCredentialsProvider";
+    private static final String CLASS_NAME = "ProcessCredentialsProvider";
+    private static final String PROVIDER_NAME = BusinessMetricFeatureId.CREDENTIALS_PROCESS.value();
     private static final JsonNodeParser PARSER = JsonNodeParser.builder()
                                                                .removeErrorLocations(true)
                                                                .build();
@@ -82,6 +84,8 @@ public final class ProcessCredentialsProvider
 
     private final Boolean asyncCredentialUpdateEnabled;
 
+    private final String source;
+
     /**
      * @see #builder()
      */
@@ -93,6 +97,7 @@ private ProcessCredentialsProvider(Builder builder) {
         this.commandAsListOfStringsFromBuilder = builder.commandAsListOfStrings;
         this.asyncCredentialUpdateEnabled = builder.asyncCredentialUpdateEnabled;
         this.staticAccountId = builder.staticAccountId;
+        this.source = builder.source;
 
         CachedSupplier.Builder<AwsCredentials> cacheBuilder = CachedSupplier.builder(this::refreshCredentials)
                                                                             .cachedValueName(toString());
@@ -171,6 +176,14 @@ private JsonNode parseProcessOutput(String processOutput) {
         return credentialsJson;
     }
 
+    private String providerName() {
+        String providerName = PROVIDER_NAME;
+        if (source != null && !source.isEmpty()) {
+            providerName = String.format("%s,%s", source, providerName);
+        }
+        return providerName;
+    }
+
     /**
      * Parse the process output to retrieve the credentials.
      */
@@ -192,13 +205,13 @@ private AwsCredentials credentials(JsonNode credentialsJson) {
                                     .sessionToken(sessionToken)
                                     .expirationTime(credentialExpirationTime(credentialsJson))
                                     .accountId(resolvedAccountId)
-                                    .providerName(PROVIDER_NAME)
+                                    .providerName(providerName())
                                     .build() :
                AwsBasicCredentials.builder()
                                   .accessKeyId(accessKeyId)
                                   .secretAccessKey(secretAccessKey)
                                   .accountId(resolvedAccountId)
-                                  .providerName(PROVIDER_NAME)
+                                  .providerName(providerName())
                                   .build();
     }
 
@@ -270,6 +283,7 @@ public static class Builder implements CopyableBuilder<Builder, ProcessCredentia
         private Duration credentialRefreshThreshold = Duration.ofSeconds(15);
         private long processOutputLimit = 64000;
         private String staticAccountId;
+        private String source;
 
         /**
          * @see #builder()
@@ -284,6 +298,7 @@ private Builder(ProcessCredentialsProvider provider) {
             this.credentialRefreshThreshold = provider.credentialRefreshThreshold;
             this.processOutputLimit = provider.processOutputLimit;
             this.staticAccountId = provider.staticAccountId;
+            this.source = provider.source;
         }
 
         /**
@@ -357,14 +372,22 @@ public Builder staticAccountId(String staticAccountId) {
             return this;
         }
 
+        /**
+         * Configure the source of this credentials provider. This is used for business metrics tracking.
+         */
+        public Builder source(String source) {
+            this.source = source;
+            return this;
+        }
+
         public ProcessCredentialsProvider build() {
             return new ProcessCredentialsProvider(this);
         }
     }
 
     @Override
     public String toString() {
-        return ToString.builder(PROVIDER_NAME)
+        return ToString.builder(CLASS_NAME)
                        .add("cmd", executableCommand)
                        .build();
     }

diff --git a/.../main/java/software/amazon/awssdk/auth/credentials/ProfileProviderCredentialsContext.java b/.../main/java/software/amazon/awssdk/auth/credentials/ProfileProviderCredentialsContext.java
@@ -29,10 +29,12 @@ public final class ProfileProviderCredentialsContext {
 
     private final Profile profile;
     private final ProfileFile profileFile;
+    private final String source;
 
-    private ProfileProviderCredentialsContext(Profile profile, ProfileFile profileFile) {
-        this.profile = profile;
-        this.profileFile = profileFile;
+    private ProfileProviderCredentialsContext(Builder builder) {
+        this.profile = builder.profile;
+        this.profileFile = builder.profileFile;
+        this.source = builder.source;
     }
 
     public static Builder builder() {
@@ -55,6 +57,14 @@ public ProfileFile profileFile() {
         return profileFile;
     }
 
+    /**
+     * An optional string list of {@link software.amazon.awssdk.core.useragent.BusinessMetricFeatureId} denoting previous
+     * credentials providers that are chained with this one.
+     */
+    public String source() {
+        return source;
+    }
+
     @Override
     public boolean equals(Object o) {
         if (this == o) {
@@ -78,6 +88,7 @@ public int hashCode() {
     public static final class Builder {
         private Profile profile;
         private ProfileFile profileFile;
+        private String source;
 
         private Builder() {
         }
@@ -103,8 +114,19 @@ public Builder profileFile(ProfileFile profileFile) {
             return this;
         }
 
+        /**
+         * Builder interface to set source.
+         * @param source An optional string list of {@link software.amazon.awssdk.core.useragent.BusinessMetricFeatureId}
+         *               denoting previous credentials providers that are chained with this one.
+         * @return Returns a reference to this object so that method calls can be chained together.
+         */
+        public Builder source(String source) {
+            this.source = source;
+            return this;
+        }
+
         public ProfileProviderCredentialsContext build() {
-            return new ProfileProviderCredentialsContext(profile, profileFile);
+            return new ProfileProviderCredentialsContext(this);
         }
     }
 }