Skip to content

Commit 2c9cea4

Browse files
authored
Merge pull request #72 from JesseStimpson/master
Support AWS credential_process
2 parents a6d6bf9 + 66434d4 commit 2c9cea4

4 files changed

Lines changed: 36 additions & 1 deletion

File tree

src/aws_credentials_file.erl

Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -135,7 +135,29 @@ parse_config_file(Path, Options) ->
135135
read_from_profile(File, Profile) ->
136136
case maps:get(Profile, File, undefined) of
137137
undefined -> {error, {desired_profile_not_found, Profile}};
138-
Map -> {ok, Map}
138+
Map ->
139+
case maps:is_key(<<"credential_process">>, Map) of
140+
true ->
141+
% Source credentials with an external process
142+
% https://docs.aws.amazon.com/cli/v1/userguide/cli-configure-sourcing-external.html
143+
Process = maps:get(<<"credential_process">>, Map),
144+
Stdout = os:cmd(binary_to_list(Process)),
145+
CredResult = jsx:decode(iolist_to_binary(Stdout)),
146+
CredsMap = maps:from_list(lists:filtermap(
147+
fun
148+
({<<"AccessKeyId">>, AKI}) ->
149+
{true, {<<"aws_access_key_id">>, AKI}};
150+
({<<"SecretAccessKey">>, SAK}) ->
151+
{true, {<<"aws_secret_access_key">>, SAK}};
152+
({<<"SessionToken">>, ST}) ->
153+
{true, {<<"aws_session_token">>, ST}};
154+
(_) ->
155+
false
156+
end, maps:to_list(CredResult))),
157+
{ok, maps:merge(Map, CredsMap)};
158+
false ->
159+
{ok, Map}
160+
end
139161
end.
140162

141163
-spec desired_profile(aws_credentials_provider:options()) -> binary().

test/aws_credentials_providers_SUITE.erl

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,7 @@ all() ->
3535
, {group, env}
3636
, {group, application_env}
3737
, {group, ecs}
38+
, {group, credential_process}
3839
].
3940

4041
groups() ->
@@ -47,6 +48,7 @@ groups() ->
4748
, {env, [], all_testcases()}
4849
, {application_env, [], all_testcases()}
4950
, {ecs, [], all_testcases()}
51+
, {credential_process, [], all_testcases()}
5052
].
5153

5254
all_testcases() ->
@@ -69,6 +71,8 @@ init_per_group(GroupName, Config) ->
6971
credential_env -> init_group(credential_env, provider(file), credential_env, Config);
7072
profile_env -> init_group(profile_env, provider(file), config_credential, Config);
7173
application_env -> init_group(application_env, provider(env), application_env, Config);
74+
credential_process ->
75+
init_group(credential_process, provider(file), credential_process, Config);
7276
GroupName -> init_group(GroupName, Config)
7377
end.
7478

@@ -111,6 +115,9 @@ assert_test(credential_env) ->
111115
assert_test(profile_env) ->
112116
Provider = provider(file),
113117
assert_values(?DUMMY_ACCESS_KEY2, ?DUMMY_SECRET_ACCESS_KEY2, Provider);
118+
assert_test(credential_process) ->
119+
Provider = provider(file),
120+
assert_values(?DUMMY_ACCESS_KEY2, ?DUMMY_SECRET_ACCESS_KEY2, Provider);
114121
assert_test(GroupName) ->
115122
Provider = provider(GroupName),
116123
assert_values(?DUMMY_ACCESS_KEY, ?DUMMY_SECRET_ACCESS_KEY, Provider).
@@ -145,6 +152,8 @@ provider_opts(config_credential, Config) ->
145152
#{credential_path => ?config(data_dir, Config) ++ "config_credential/"};
146153
provider_opts(credential_env, _Config) ->
147154
#{credential_path => os:getenv("HOME")};
155+
provider_opts(credential_process, Config) ->
156+
#{credential_path => ?config(data_dir, Config) ++ "credential_process/"};
148157
provider_opts(_GroupName, _Config) ->
149158
#{}.
150159

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
[default]
2+
region = us-east-1
Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
[default]
2+
credential_process = echo '{"AccessKeyId":"dummy_access_key2", "SecretAccessKey":"dummy_secret_access_key2"}'

0 commit comments

Comments
 (0)