Class: Cipherpipe::Vault::EC2Token

Inherits:

Object

Object
Cipherpipe::Vault::EC2Token

Defined in:: lib/cipherpipe/vault/ec2_token.rb

Constant Summary collapse

ConnectionError =

Class.new Cipherpipe::Error

URL =

URI.parse(
  "http://169.254.169.254/latest/dynamic/instance-identity/pkcs7"
)

NONCE_FILE =

ENV.fetch(
  "CIPHERPIPE_NONCE_FILE",
  File.expand_path("~/.cipherpipe-nonce")
)

Class Method Summary collapse

.call(external_source) ⇒ Object

Instance Method Summary collapse

#call ⇒ Object
#initialize(external_source) ⇒ EC2Token constructor

A new instance of EC2Token.

Constructor Details

#initialize(external_source) ⇒ `EC2Token`

Returns a new instance of EC2Token.



20
21
22

# File 'lib/cipherpipe/vault/ec2_token.rb', line 20

def initialize(external_source)
  @external_source = external_source
end

Class Method Details

.call(external_source) ⇒ `Object`



16
17
18

# File 'lib/cipherpipe/vault/ec2_token.rb', line 16

def self.call(external_source)
  new(external_source).call
end

Instance Method Details

#call ⇒ `Object`

# File 'lib/cipherpipe/vault/ec2_token.rb', line 24

def call
  response = ::Vault.auth.aws_ec2 external_source.ec2_role, signature, nonce

  if response.auth.metadata[:nonce]
    File.write NONCE_FILE, response.auth.metadata[:nonce]
  end

  response.auth.client_token
end

Class: Cipherpipe::Vault::EC2Token

Constant Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(external_source) ⇒ EC2Token

Class Method Details

.call(external_source) ⇒ Object

Instance Method Details

#call ⇒ Object

#initialize(external_source) ⇒ `EC2Token`

.call(external_source) ⇒ `Object`

#call ⇒ `Object`