Class: Aws::Session::Credentials::SessionBuilder

Inherits:
Object
  • Object
show all
Defined in:
lib/aws/session/credentials/session_builder.rb

Overview

Builds AWS session

Instance Method Summary collapse

Constructor Details

#initialize(options) ⇒ SessionBuilder

Returns a new instance of SessionBuilder.

Parameters:

  • options (Hash) 


7
8
9
10
11
12
13
14
15
 
# File 'lib/aws/session/credentials/session_builder.rb', line 7

def initialize(options)
  @mfa_device = options[:mfa_device]
  @session_duration_seconds = options[:session_duration_seconds]
  @role_duration_seconds = options[:role_duration_seconds]
  @role_arn = options[:role_arn]
  @role_session_name = options[:role_session_name]
  @source_profile = options[:source_profile]
  @sts_client = options[:sts_client]
end

Instance Method Details

#role_profileProfile

Returns:



18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
 
# File 'lib/aws/session/credentials/session_builder.rb', line 18

def role_profile
  resp = sts_client.assume_role(
    role_arn: @role_arn,
    role_session_name: @role_session_name,
    duration_seconds: @role_duration_seconds,
    serial_number: @mfa_device.device_arn,
    token_code: @mfa_device.code
  )
  return Profile.new(
    aws_access_key_id: resp.credentials['access_key_id'],
    aws_secret_access_key: resp.credentials['secret_access_key'],
    aws_session_token: resp.credentials['session_token'],
    aws_region: @source_profile.aws_region,
    expiry: resp.credentials['expiration'].to_i
  ) if resp
end

#session_profileProfile

Returns:



36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
# File 'lib/aws/session/credentials/session_builder.rb', line 36

def session_profile
  resp = sts_client.get_session_token(
    duration_seconds: @session_duration_seconds,
    serial_number: @mfa_device.device_arn,
    token_code: @mfa_device.code
  )
  return Profile.new(
    aws_access_key_id: resp.credentials['access_key_id'],
    aws_secret_access_key: resp.credentials['secret_access_key'],
    aws_session_token: resp.credentials['session_token'],
    aws_region: @source_profile.aws_region,
    expiry: resp.credentials['expiration'].to_i
  ) if resp
end

#sts_clientObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



52
53
54
55
56
57
 
# File 'lib/aws/session/credentials/session_builder.rb', line 52

def sts_client
  @client ||= Aws::STS::Client.new(
    region: @source_profile.aws_region,
    credentials: @source_profile.aws_credentials
  )
end