Sha256: b6020e3b406e27e3e85fbbe1d629c172cf51b69de66a9a3a7e523f6790f40161

Contents?: true

Size: 1.3 KB

Versions: 45

Compression:

Stored size: 1.3 KB

Contents

module Aws

  # An auto-refreshing credential provider that works by assuming
  # a role via {Aws::STS::Client#assume_role}.
  #
  #    role_credentials = Aws::AssumeRoleCredentials.new(
  #      client: Aws::STS::Client.new(...),
  #      role_arn: "linked::account::arn",
  #      role_session_name: "session-name"
  #    )
  #
  #    ec2 = Aws::EC2::Client.new(credentials: role_credentials)
  #
  # If you omit `:client` option, a new {STS::Client} object will be
  # constructed.
  class AssumeRoleCredentials < Credentials

    include RefreshingCredentials

    # @option options [required, String] :role_arn
    # @option options [required, String] :role_session_name
    # @option options [String] :policy
    # @option options [Integer] :duration_seconds
    # @option options [String] :external_id
    # @option opitons [STS::Client] :client
    def initialize(options = {})
      @options = options.dup
      @client = @options.delete(:client) || STS::Client.new
      super
    end

    # @return [STS::Client]
    attr_reader :client

    private

    def refresh
      creds = @client.assume_role(@options).credentials
      @access_key_id = creds.access_key_id
      @secret_access_key = creds.secret_access_key
      @session_token = creds.session_token
      @expiration = creds.expiration
    end

  end
end

Version data entries

45 entries across 45 versions & 1 rubygems

Version Path
aws-sdk-core-2.0.8 lib/aws-sdk-core/assume_role_credentials.rb
aws-sdk-core-2.0.7 lib/aws-sdk-core/assume_role_credentials.rb
aws-sdk-core-2.0.6 lib/aws-sdk-core/assume_role_credentials.rb
aws-sdk-core-2.0.5 lib/aws-sdk-core/assume_role_credentials.rb
aws-sdk-core-2.0.4 lib/aws-sdk-core/assume_role_credentials.rb