Class: Chef::Provisioning::AWSDriver::Credentials2

Inherits:

Object

Object
Chef::Provisioning::AWSDriver::Credentials2

show all

Defined in:: lib/chef/provisioning/aws_driver/credentials2.rb

Overview

Loads the credentials for the AWS SDK V2 Attempts to load credentials in the order specified at docs.aws.amazon.com/sdkforruby/api/index.html#Configuration

Instance Attribute Summary collapse

#profile_name ⇒ Object readonly

Returns the value of attribute profile_name.

Instance Method Summary collapse

#get_credentials ⇒ Object

Try to load the credentials from an ordered list of sources and return the first one that can be loaded successfully.
#initialize(options = {}) ⇒ Credentials2 constructor

A new instance of Credentials2.

Constructor Details

#initialize(options = {}) ⇒ `Credentials2`

Returns a new instance of Credentials2.

Parameters:

options (Hash) (defaults to: {})

Options Hash (options):

:profile_name (String) — default: ENV["AWS_DEFAULT_PROFILE"] —

The profile name to use when loading the config from ‘~/.aws/credentials’. This can be nil.



22
23
24

# File 'lib/chef/provisioning/aws_driver/credentials2.rb', line 22

def initialize(options = {})
  @profile_name = options[:profile_name] || ENV["AWS_DEFAULT_PROFILE"]
end

Instance Attribute Details

#profile_name ⇒ `Object` (readonly)

Returns the value of attribute profile_name.



17
18
19

# File 'lib/chef/provisioning/aws_driver/credentials2.rb', line 17

def profile_name
  @profile_name
end

Instance Method Details

#get_credentials ⇒ `Object`

Try to load the credentials from an ordered list of sources and return the first one that can be loaded successfully.

# File 'lib/chef/provisioning/aws_driver/credentials2.rb', line 28

def get_credentials
  # http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-environment
  shared_creds = ::Aws::SharedCredentials.new(:profile_name => profile_name, :path => ENV["AWS_CONFIG_FILE"])
  instance_profile_creds = ::Aws::InstanceProfileCredentials.new(:retries => 1)

  if ENV["AWS_ACCESS_KEY_ID"] && ENV["AWS_SECRET_ACCESS_KEY"]
    creds = ::Aws::Credentials.new(
      ENV["AWS_ACCESS_KEY_ID"],
      ENV["AWS_SECRET_ACCESS_KEY"],
      ENV["AWS_SESSION_TOKEN"]
    )
  elsif shared_creds.set?
    creds = shared_creds
  elsif instance_profile_creds.set?
    creds = instance_profile_creds
  else
    raise LoadCredentialsError.new("Could not load credentials from the environment variables, the .aws/credentials file or the metadata service")
  end
  creds
end