50 lines
1.2 KiB
Go
50 lines
1.2 KiB
Go
package aws
|
|
|
|
import (
|
|
"github.com/aws/aws-sdk-go/aws"
|
|
"github.com/aws/aws-sdk-go/aws/client"
|
|
"github.com/aws/aws-sdk-go/aws/credentials"
|
|
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
|
|
"github.com/aws/aws-sdk-go/aws/session"
|
|
)
|
|
|
|
type CredentialConfig struct {
|
|
Region string
|
|
AccessKey string
|
|
SecretKey string
|
|
RoleARN string
|
|
Profile string
|
|
Filename string
|
|
Token string
|
|
}
|
|
|
|
func (c *CredentialConfig) Credentials() client.ConfigProvider {
|
|
if c.RoleARN != "" {
|
|
return c.assumeCredentials()
|
|
} else {
|
|
return c.rootCredentials()
|
|
}
|
|
}
|
|
|
|
func (c *CredentialConfig) rootCredentials() client.ConfigProvider {
|
|
config := &aws.Config{
|
|
Region: aws.String(c.Region),
|
|
}
|
|
if c.AccessKey != "" || c.SecretKey != "" {
|
|
config.Credentials = credentials.NewStaticCredentials(c.AccessKey, c.SecretKey, c.Token)
|
|
} else if c.Profile != "" || c.Filename != "" {
|
|
config.Credentials = credentials.NewSharedCredentials(c.Filename, c.Profile)
|
|
}
|
|
|
|
return session.New(config)
|
|
}
|
|
|
|
func (c *CredentialConfig) assumeCredentials() client.ConfigProvider {
|
|
rootCredentials := c.rootCredentials()
|
|
config := &aws.Config{
|
|
Region: aws.String(c.Region),
|
|
}
|
|
config.Credentials = stscreds.NewCredentials(rootCredentials, c.RoleARN)
|
|
return session.New(config)
|
|
}
|