Class: VagrantPlugins::AWS::Credentials

Inherits:
Object
  • Object
show all
Defined in:
lib/vagrant-aws/config.rb

Instance Method Summary collapse

Instance Method Details

#get_aws_info(profile, location) ⇒ Object

This module reads AWS config and credentials. Behaviour aims to mimic what is described in AWS documentation: docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html docs.aws.amazon.com/cli/latest/topic/config-vars.html Which is the following (stopping at the first successful case): 1) read config and credentials from environment variables 2) read config and credentials from files at location defined by environment variables 3) read config and credentials from files at default location

The mandatory fields for a successful “get credentials” are the id and the secret keys. Region is not required since Config#finalize falls back to sensible defaults. The behaviour is all-or-nothing (ie: no mixing between vars and files).

It also allows choosing a profile (by default it’s [default]) and an “info” directory (by default $HOME/.aws), which can be specified in the Vagrantfile. Supported information: region, aws_access_key_id, aws_secret_access_key, and aws_session_token.



499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
 
# File 'lib/vagrant-aws/config.rb', line 499

def get_aws_info(profile, location)
  # read credentials from environment variables
  aws_region, aws_id, aws_secret, aws_token = read_aws_environment()
  # if nothing there, then read from files
  # (the _if_ doesn't check aws_region since Config#finalize sets one by default)
  if aws_id.to_s == '' or aws_secret.to_s == ''
    # check if there are env variables for credential location, if so use then
    aws_config = ENV['AWS_CONFIG_FILE'].to_s
    aws_creds = ENV['AWS_SHARED_CREDENTIALS_FILE'].to_s
    if aws_config == '' or aws_creds == ''
      aws_config = location + 'config'
      aws_creds = location + 'credentials'
    end
    if File.exist?(aws_config) and File.exist?(aws_creds)
      aws_region, aws_id, aws_secret, aws_token = read_aws_files(profile, aws_config, aws_creds)
    end
  end
  aws_region = nil if aws_region == ''
  aws_id     = nil if aws_id == ''
  aws_secret = nil if aws_secret == ''
  aws_token  = nil if aws_token == ''

  return aws_region, aws_id, aws_secret, aws_token
end