Sha256: b6020e3b406e27e3e85fbbe1d629c172cf51b69de66a9a3a7e523f6790f40161
Contents?: true
Size: 1.3 KB
Versions: 45
Compression:
Stored size: 1.3 KB
Contents
module Aws
# An auto-refreshing credential provider that works by assuming
# a role via {Aws::STS::Client#assume_role}.
#
# role_credentials = Aws::AssumeRoleCredentials.new(
# client: Aws::STS::Client.new(...),
# role_arn: "linked::account::arn",
# role_session_name: "session-name"
# )
#
# ec2 = Aws::EC2::Client.new(credentials: role_credentials)
#
# If you omit `:client` option, a new {STS::Client} object will be
# constructed.
class AssumeRoleCredentials < Credentials
include RefreshingCredentials
# @option options [required, String] :role_arn
# @option options [required, String] :role_session_name
# @option options [String] :policy
# @option options [Integer] :duration_seconds
# @option options [String] :external_id
# @option opitons [STS::Client] :client
def initialize(options = {})
@options = options.dup
@client = @options.delete(:client) || STS::Client.new
super
end
# @return [STS::Client]
attr_reader :client
private
def refresh
creds = @client.assume_role(@options).credentials
@access_key_id = creds.access_key_id
@secret_access_key = creds.secret_access_key
@session_token = creds.session_token
@expiration = creds.expiration
end
end
end
Version data entries
45 entries across 45 versions & 1 rubygems