class Aws::STS::Presigner

Allows you to create presigned URLs for STS operations.

@example

signer = Aws::STS::Presigner.new
url = signer.get_caller_identity_presigned_url(
  headers: {"X-K8s-Aws-Id" => 'my-eks-cluster'}
)

Public Class Methods

new(options = {}) click to toggle source

@option options [Client] :client Optionally provide an existing

STS client
# File lib/aws-sdk-sts/presigner.rb, line 18
def initialize(options = {})
  @client = options[:client] || Aws::STS::Client.new
end

Public Instance Methods

get_caller_identity_presigned_url(options = {}) click to toggle source

Returns a presigned url for get_caller_identity.

@option options [Hash] :headers

Headers that should be signed and sent along with the request. All
x-amz-* headers must be present during signing. Other headers are
optional.

@return [String] A presigned url string.

@example

url = signer.get_caller_identity_presigned_url(
  headers: {"X-K8s-Aws-Id" => 'my-eks-cluster'},
)

This can be easily converted to a token used by the EKS service: {ruby-doc.org/stdlib-2.3.1/libdoc/base64/rdoc/Base64.html#method-i-encode64} “k8s-aws-v1.” + Base64.urlsafe_encode64(url).chomp(“==”)

# File lib/aws-sdk-sts/presigner.rb, line 40
def get_caller_identity_presigned_url(options = {})
  req = @client.build_request(:get_session_token, {})

  param_list = Aws::Query::ParamList.new
  param_list.set('Action', 'GetCallerIdentity')
  param_list.set('Version', req.context.config.api.version)
  Aws::Query::EC2ParamBuilder.new(param_list)
    .apply(req.context.operation.input, {})

  signer = Aws::Sigv4::Signer.new(
    service: 'sts',
    region: req.context.config.region,
    credentials_provider: req.context.config.credentials
  )

  url = Aws::Partitions::EndpointProvider.resolve(
    req.context.config.region,
    'sts',
    req.context.config.sts_regional_endpoints,
    {
      dualstack: req.context.config.use_dualstack_endpoint,
      fips: req.context.config.use_fips_endpoint
    }
  )
  url += "/?#{param_list}"

  signer.presign_url(
    http_method: 'GET',
    url: url,
    body: '',
    headers: options[:headers]
  ).to_s
end