class Mongo::Crypt::KMS::AWS::Credentials
AWS KMS Credentials object contains credentials for using AWS KMS provider.
@api private
Constants
- FORMAT_HINT
Attributes
access_key_id[R]
@return [ String ] AWS access key.
secret_access_key[R]
@return [ String ] AWS secret access key.
session_token[R]
@return [ String | nil ] AWS session token.
Public Class Methods
new(opts)
click to toggle source
Creates an AWS KMS credentials object form a parameters hash.
@param [ Hash ] opts A hash that contains credentials for
AWS KMS provider
@option opts [ String ] :access_key_id AWS access key id. @option opts [ String ] :secret_access_key AWS secret access key. @option opts [ String | nil ] :session_token AWS session token, optional.
@raise [ ArgumentError ] If required options are missing or incorrectly
formatted.
# File lib/mongo/crypt/kms/aws/credentials.rb, line 54 def initialize(opts) @opts = opts unless empty? @access_key_id = validate_param(:access_key_id, opts, FORMAT_HINT) @secret_access_key = validate_param(:secret_access_key, opts, FORMAT_HINT) @session_token = validate_param(:session_token, opts, FORMAT_HINT, required: false) end end
Public Instance Methods
to_document()
click to toggle source
Convert credentials object to a BSON document in libmongocrypt format.
@return [ BSON::Document ] AWS KMS credentials in libmongocrypt format.
# File lib/mongo/crypt/kms/aws/credentials.rb, line 66 def to_document return BSON::Document.new if empty? BSON::Document.new({ accessKeyId: access_key_id, secretAccessKey: secret_access_key, }).tap do |bson| unless session_token.nil? bson.update({ sessionToken: session_token }) end end end