Class: Backends::Ec2::Authn::Ec2CredentialsHelper

Inherits:
Object
  • Object
show all
Defined in:
lib/backends/ec2/authn/ec2_credentials_helper.rb

Class Method Summary collapse

Class Method Details

.get_credentials(options, delegated_user, logger) ⇒ ::Aws::Credentials

Converts given user credentials to credentials supported by AWS. Currently only 'basic', 'x509' and 'voms' are supported as the initial credentials.

Server-side Effects:

  • none: call answered from within the backend


13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
# File 'lib/backends/ec2/authn/ec2_credentials_helper.rb', line 13

def self.get_credentials(options, delegated_user, logger)
  case delegated_user.auth_.type
  when 'basic'
    # using provided basic credentials as access_key_id and secret_access_key
    handle_basic(options, delegated_user, logger)
  when 'x509'
    # everyone will be mapped to the same AWS account
    handle_x509(options, delegated_user, logger)
  when 'voms'
    # similar to 'x509', different VOs can be mapped to different AWS accounts
    handle_voms(options, delegated_user, logger)
  else
    # unsupported authentication type
    fail Backends::Errors::AuthenticationError, "Authentication strategy " \
         "#{delegated_user.auth_.type.inspect} is not supported by the EC2 backend!"
  end
end