Class: VagrantPlugins::AWS::Credentials

Inherits:
Object
  • Object
show all
Defined in:
lib/vagrant-aws/config.rb

Instance Method Summary collapse

Instance Method Details

#get_aws_info(profile, location) ⇒ Object

This module reads AWS config and credentials. Behaviour aims to mimic what is described in AWS documentation: docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html docs.aws.amazon.com/cli/latest/topic/config-vars.html Which is the following (stopping at the first successful case): 1) read config and credentials from environment variables 2) read config and credentials from files at location defined by environment variables 3) read config and credentials from files at default location

The mandatory fields for a successful “get credentials” are the id and the secret keys. Region is not required since Config#finalize falls back to sensible defaults. The behaviour is all-or-nothing (ie: no mixing between vars and files).

It also allows choosing a profile (by default it’s [default]) and an “info” directory (by default $HOME/.aws), which can be specified in the Vagrantfile. Supported information: region, aws_access_key_id, aws_secret_access_key, and aws_session_token.



534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
 
# File 'lib/vagrant-aws/config.rb', line 534

def get_aws_info(profile, location)
  # read credentials from environment variables
  aws_region, aws_id, aws_secret, aws_token = read_aws_environment()
  # if nothing there, then read from files
  # (the _if_ doesn't check aws_region since Config#finalize sets one by default)
  if aws_id.to_s == '' or aws_secret.to_s == ''
    # check if there are env variables for credential location, if so use then
    aws_config = ENV['AWS_CONFIG_FILE'].to_s
    aws_creds = ENV['AWS_SHARED_CREDENTIALS_FILE'].to_s
    if aws_config == '' or aws_creds == ''
      aws_config = location + 'config'
      aws_creds = location + 'credentials'
    end
    if File.exist?(aws_config) and File.exist?(aws_creds)
      aws_region, aws_id, aws_secret, aws_token = read_aws_files(profile, aws_config, aws_creds)
    end
  end
  aws_region = nil if aws_region == ''
  aws_id     = nil if aws_id == ''
  aws_secret = nil if aws_secret == ''
  aws_token  = nil if aws_token == ''

  return aws_region, aws_id, aws_secret, aws_token
end