Class: Aws::ECSCredentials

Inherits:
Object
  • Object
show all
Includes:
CredentialProvider, RefreshingCredentials
Defined in:
lib/aws-sdk-core/ecs_credentials.rb

Overview

An auto-refreshing credential provider that loads credentials from instances running in containers.

ecs_credentials = Aws::ECSCredentials.new(retries: 3)
ec2 = Aws::EC2::Client.new(credentials: ecs_credentials)

Defined Under Namespace

Classes: InvalidTokenError, Non200Response, TokenFileReadError

Constant Summary collapse

NETWORK_ERRORS =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

These are the errors we trap when attempting to talk to the instance metadata service. Any of these imply the service is not present, no responding or some other non-recoverable error.

[
  Errno::EHOSTUNREACH,
  Errno::ECONNREFUSED,
  Errno::EHOSTDOWN,
  Errno::ENETUNREACH,
  SocketError,
  Timeout::Error,
  Non200Response
].freeze

Constants included from RefreshingCredentials

RefreshingCredentials::ASYNC_EXPIRATION_LENGTH, RefreshingCredentials::CLIENT_EXCLUDE_OPTIONS, RefreshingCredentials::SYNC_EXPIRATION_LENGTH

Instance Attribute Summary collapse

Attributes included from CredentialProvider

#credentials, #expiration

Instance Method Summary collapse

Methods included from RefreshingCredentials

#credentials, #refresh!

Methods included from CredentialProvider

#set?

Constructor Details

#initialize(options = {}) ⇒ ECSCredentials

Returns a new instance of ECSCredentials.

Parameters:

  • options (Hash) (defaults to: {})

Options Hash (options):

  • :retries (Integer) — default: 5

    Number of times to retry when retrieving credentials.

  • :ip_address (String) — default: '169.254.170.2'

    This value is ignored if ‘endpoint` is set and `credential_path` is not set.

  • :port (Integer) — default: 80

    This value is ignored if ‘endpoint` is set and `credential_path` is not set.

  • :credential_path (String)

    By default, the value of the AWS_CONTAINER_CREDENTIALS_RELATIVE_URI environment variable.

  • :endpoint (String)

    The container credential endpoint. By default, this is the value of the AWS_CONTAINER_CREDENTIALS_FULL_URI environment variable. This value is ignored if ‘credential_path` or ENV is set.

  • :http_open_timeout (Float) — default: 5
  • :http_read_timeout (Float) — default: 5
  • :delay (Numeric, Proc)

    By default, failures are retried with exponential back-off, i.e. ‘sleep(1.2 ** num_failures)`. You can pass a number of seconds to sleep between failed attempts, or a Proc that accepts the number of failures.

  • :http_debug_output (IO) — default: nil

    HTTP wire traces are sent to this object. You can specify something like $stdout.

  • before_refresh (Callable)

    Proc called before credentials are refreshed. ‘before_refresh` is called with an instance of this object when AWS credentials are required and need to be refreshed.



67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
# File 'lib/aws-sdk-core/ecs_credentials.rb', line 67

def initialize(options = {})
  credential_path = options[:credential_path] ||
                    ENV['AWS_CONTAINER_CREDENTIALS_RELATIVE_URI']
  endpoint = options[:endpoint] ||
             ENV['AWS_CONTAINER_CREDENTIALS_FULL_URI']
  initialize_uri(options, credential_path, endpoint)

  @retries = options[:retries] || 5
  @http_open_timeout = options[:http_open_timeout] || 5
  @http_read_timeout = options[:http_read_timeout] || 5
  @http_debug_output = options[:http_debug_output]
  @backoff = backoff(options[:backoff])
  @async_refresh = false
  super
end

Instance Attribute Details

#retriesInteger (readonly)

Returns The number of times to retry failed attempts to fetch credentials from the instance metadata service. Defaults to 0.

Returns:

  • (Integer)

    The number of times to retry failed attempts to fetch credentials from the instance metadata service. Defaults to 0.



85
86
87
# File 'lib/aws-sdk-core/ecs_credentials.rb', line 85

def retries
  @retries
end