class Sfn::Callback::AwsAssumeRole
Support for AWS STS role credential caching
Constants
- STS_STORE_ITEMS
Items to cache in local file
Public Instance Methods
after(*_)
click to toggle source
Store session token if available for later use
# File lib/sfn/callback/aws_assume_role.rb, line 31 def after(*_) if enabled? if api.connection.aws_sts_role_arn && api.connection.aws_sts_token path = config.fetch(:aws_assume_role, :cache_file, ".sfn-aws") FileUtils.touch(path) File.chmod(0600, path) values = load_stored_values(path) STS_STORE_ITEMS.map do |key| values[key] = api.connection.data[key] end File.open(path, "w") do |file| file.puts MultiJson.dump(values) end end end end
after_config(*_)
click to toggle source
Inject STS related configuration into API provider credentials
# File lib/sfn/callback/aws_assume_role.rb, line 23 def after_config(*_) if enabled? && config.fetch(:credentials, :aws_sts_role_arn) load_stored_session end end
enabled?()
click to toggle source
@return [TrueClass, FalseClass]
# File lib/sfn/callback/aws_assume_role.rb, line 49 def enabled? config.fetch(:aws_assume_role, :status, "enabled").to_s == "enabled" end
load_stored_session()
click to toggle source
Load stored configuration data into the api connection
@return [TrueClass, FalseClass]
# File lib/sfn/callback/aws_assume_role.rb, line 56 def load_stored_session path = config.fetch(:aws_assume_role, :cache_file, ".sfn-aws") if File.exists?(path) values = load_stored_values(path) STS_STORE_ITEMS.each do |key| api.connection.data[key] = values[key] end if values[:aws_sts_token_expires] begin api.connection.data[:aws_sts_token_expires] = Time.parse(values[:aws_sts_token_expires]) rescue end end true else false end end
load_stored_values(path)
click to toggle source
Load stored values
@param path [String] @return [Hash]
# File lib/sfn/callback/aws_assume_role.rb, line 79 def load_stored_values(path) begin if File.exists?(path) MultiJson.load(File.read(path)).to_smash else Smash.new end rescue MultiJson::ParseError Smash.new end end
quiet()
click to toggle source
Prevent callback output to user
# File lib/sfn/callback/aws_assume_role.rb, line 17 def quiet true end