Aws::SharedConfig

def assume_role_credentials_from_config(opts = {})

file, if present.
Will always attempt first to assume a role from the shared credentials
Attempts to assume a role from shared config or shared credentials file.

def assume_role_credentials_from_config(opts = {})
  p = opts.delete(:profile) || @profile_name
  credentials = assume_role_from_profile(@parsed_credentials, p, opts)
  if @parsed_config
    credentials ||= assume_role_from_profile(@parsed_config, p, opts)
  end
  credentials
end

def assume_role_from_profile(cfg, profile, opts)

def assume_role_from_profile(cfg, profile, opts)
  if cfg && prof_cfg = cfg[profile]
    opts[:source_profile] ||= prof_cfg["source_profile"]
    if opts[:source_profile]
      opts[:credentials] = credentials(profile: opts[:source_profile])
      if opts[:credentials]
        opts[:role_session_name] ||= prof_cfg["role_session_name"]
        opts[:role_session_name] ||= "default_session"
        opts[:role_arn] ||= prof_cfg["role_arn"]
        opts[:external_id] ||= prof_cfg["external_id"]
        opts[:serial_number] ||= prof_cfg["mfa_serial"]
        opts[:profile] = opts.delete(:source_profile)
        AssumeRoleCredentials.new(opts)
      else
        raise Errors::NoSourceProfileError.new(
          "Profile #{profile} has a role_arn, and source_profile, but the"\
            " source_profile does not have credentials."
        )
      end
    elsif prof_cfg["role_arn"]
      raise Errors::NoSourceProfileError.new(
        "Profile #{profile} has a role_arn, but no source_profile."
      )
    else
      nil
    end
  else
    nil
  end
end

def config_enabled?

Returns:

(Boolean) - returns `true` if use of the shared config file is

def config_enabled?
  @config_enabled ? true : false
end

def credentials(opts = {})

Returns:

(Aws::Credentials) - credentials sourced from configuration values,

Options Hash: (**options)

:profile (String) -- the name of the configuration file from

Parameters:

opts (Hash) --

def credentials(opts = {})
  p = opts[:profile] || @profile_name
  validate_profile_exists(p) if credentials_present?
  if credentials = credentials_from_shared(p, opts)
    credentials
  elsif credentials = credentials_from_config(p, opts)
    credentials
  else
    nil
  end
end

def credentials_complete(creds)

def credentials_complete(creds)
  creds.set?
end

def credentials_from_config(profile, opts)

def credentials_from_config(profile, opts)
  if @parsed_config && prof_config = @parsed_config[profile]
    credentials_from_profile(prof_config)
  else
    nil
  end
end

def credentials_from_profile(prof_config)

def credentials_from_profile(prof_config)
  creds = Credentials.new(
    prof_config['aws_access_key_id'],
    prof_config['aws_secret_access_key'],
    prof_config['aws_session_token']
  )
  if credentials_complete(creds)
    creds
  else
    nil
  end
end

def credentials_from_shared(profile, opts)

def credentials_from_shared(profile, opts)
  if @parsed_credentials && prof_config = @parsed_credentials[profile]
    credentials_from_profile(prof_config)
  else
    nil
  end
end

def credentials_present?

def credentials_present?
  (@parsed_credentials && !@parsed_credentials.empty?) ||
    (@parsed_config && !@parsed_config.empty?)
end

def default_shared_config_path(file)

def default_shared_config_path(file)
  File.join(Dir.home, '.aws', file)
rescue ArgumentError
  # Dir.home raises ArgumentError when ENV['home'] is not set
  nil
end

def determine_config_path

def determine_config_path
  default = default_shared_config_path('config')
end

def determine_credentials_path

def determine_credentials_path
  default = default_shared_config_path('credentials')
end

def determine_profile(options)

def determine_profile(options)
  ret = options[:profile_name]
  ret ||= ENV["AWS_PROFILE"]
  ret ||= "default"
  ret
end

def fresh(options = {})

Other tags:

Api

def fresh(options = {})
  @profile_name = nil
  @credentials_path = nil
  @config_path = nil
  @parsed_credentials = {}
  @parsed_config = nil
  @config_enabled = options[:config_enabled] ? true : false
  @profile_name = determine_profile(options)
  @credentials_path = options[:credentials_path] ||
    determine_credentials_path
  load_credentials_file if loadable?(@credentials_path)
  if @config_enabled
    @config_path = options[:config_path] || determine_config_path
    load_config_file if loadable?(@config_path)
  end
end

def initialize(options = {})

Options Hash: (**options)

:config_enabled (Boolean) -- If true, loads the shared config
:profile_name (String) -- The credential/config profile name
:config_path (String) -- Path to the shared config file.
:credentials_path (String) -- Path to the shared credentials

Parameters:

options (Hash) --

def initialize(options = {})
  @profile_name = determine_profile(options)
  @config_enabled = options[:config_enabled]
  @credentials_path = options[:credentials_path] ||
    determine_credentials_path
  @parsed_credentials = {}
  load_credentials_file if loadable?(@credentials_path)
  if @config_enabled
    @config_path = options[:config_path] || determine_config_path
    load_config_file if loadable?(@config_path)
  end
end

def load_config_file

def load_config_file
  @parsed_config = IniParser.ini_parse(File.read(@config_path))
end

def load_credentials_file

def load_credentials_file
  @parsed_credentials = IniParser.ini_parse(
    File.read(@credentials_path)
  )
end

def loadable?(path)

Other tags:

Note

Returns:

(Boolean) - Returns `true` if a credential file

def loadable?(path)
  !path.nil? && File.exist?(path) && File.readable?(path)
end

def region(opts = {})

def region(opts = {})
  p = opts[:profile] || @profile_name
  if @config_enabled
    if @parsed_credentials
      region = @parsed_credentials.fetch(p, {})["region"]
    end
    if @parsed_config
      region ||= @parsed_config.fetch(p, {})["region"]
    end
    region
  else
    nil
  end
end

def validate_profile_exists(profile)

def validate_profile_exists(profile)
  unless (@parsed_credentials && @parsed_credentials[profile]) ||
      (@parsed_config && @parsed_config[profile])
    msg = "Profile `#{profile}' not found in #{@credentials_path}"
    msg << " or #{@config_path}" if @config_path
    raise Errors::NoSuchProfileError.new(msg)
  end
end

Modules

Classes

class Aws::SharedConfig

def assume_role_credentials_from_config(opts = {})

def assume_role_from_profile(cfg, profile, opts)

def config_enabled?

def credentials(opts = {})

def credentials_complete(creds)

def credentials_from_config(profile, opts)

def credentials_from_profile(prof_config)

def credentials_from_shared(profile, opts)

def credentials_present?

def default_shared_config_path(file)

def determine_config_path

def determine_credentials_path

def determine_profile(options)

def fresh(options = {})

def initialize(options = {})

def load_config_file

def load_credentials_file

def loadable?(path)

def region(opts = {})

def validate_profile_exists(profile)

Namespace

Instance Methods

Defined in