/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/core/utils/memory/stl/AWSMap.h>
#include <aws/core/auth/AWSCredentials.h>
#include <aws/core/utils/DateTime.h>
#include <aws/core/utils/threading/ReaderWriterLock.h>
namespace Aws
{
namespace Internal
{
// Forward declaration only: EC2InstanceProfileConfigLoader below refers to this type
// solely through a std::shared_ptr, so the full definition is not needed in this header.
class EC2MetadataClient;
}
namespace Config
{
/**
 * Plain value type holding the settings of one named profile.
 *
 * Every accessor is a trivial getter or setter over a private member; the class
 * does no validation, locking or redaction of its own.
 *
 * Handling notes:
 *  - GetCredentials() returns a reference to the stored Aws::Auth::AWSCredentials,
 *    so a Profile has to be treated like the secret it carries (keep it out of
 *    logs, traces and crash reports).
 *  - NOTE(review): the map passed to SetAllKeyValPairs() presumably holds the raw
 *    key/value pairs of the profile section and could therefore contain secret
 *    values; confirm against the parser before logging GetValue() results.
 *  - NOTE(review): in the AWS shared-config format, credential_process names an
 *    external command that a credentials provider runs. This class stores the
 *    string unchecked, so whoever can write the profile source chooses that
 *    command; confirm where the value is consumed.
 */
class Profile
{
public:
    // Profile name.
    const Aws::String& GetName() const { return m_name; }
    void SetName(const Aws::String& value) { m_name = value; }

    // Credentials attached to this profile (secret material).
    const Aws::Auth::AWSCredentials& GetCredentials() const { return m_credentials; }
    void SetCredentials(const Aws::Auth::AWSCredentials& value) { m_credentials = value; }

    // Region setting.
    const Aws::String& GetRegion() const { return m_region; }
    void SetRegion(const Aws::String& value) { m_region = value; }

    // Role ARN and external id settings.
    const Aws::String& GetRoleArn() const { return m_roleArn; }
    void SetRoleArn(const Aws::String& value) { m_roleArn = value; }
    const Aws::String& GetExternalId() const { return m_externalId; }
    void SetExternalId(const Aws::String& value) { m_externalId = value; }

    // SSO settings.
    const Aws::String& GetSsoStartUrl() const { return m_ssoStartUrl; }
    void SetSsoStartUrl(const Aws::String& value) { m_ssoStartUrl = value; }
    const Aws::String& GetSsoRegion() const { return m_ssoRegion; }
    void SetSsoRegion(const Aws::String& value) { m_ssoRegion = value; }
    const Aws::String& GetSsoAccountId() const { return m_ssoAccountId; }
    void SetSsoAccountId(const Aws::String& value) { m_ssoAccountId = value; }
    const Aws::String& GetSsoRoleName() const { return m_ssoRoleName; }
    void SetSsoRoleName(const Aws::String& value) { m_ssoRoleName = value; }

    // Defaults mode setting.
    const Aws::String& GetDefaultsMode() const { return m_defaultsMode; }
    void SetDefaultsMode(const Aws::String& value) { m_defaultsMode = value; }

    // Source profile and credential process settings (see the class notes).
    const Aws::String& GetSourceProfile() const { return m_sourceProfile; }
    void SetSourceProfile(const Aws::String& value) { m_sourceProfile = value; }
    const Aws::String& GetCredentialProcess() const { return m_credentialProcess; }
    void SetCredentialProcess(const Aws::String& value) { m_credentialProcess = value; }

    // Replaces the whole key/value map with a copy of `map`.
    void SetAllKeyValPairs(const Aws::Map<Aws::String, Aws::String>& map) { m_allKeyValPairs = map; }

    /**
     * Looks `key` up in the key/value map.
     * Returns a copy of the stored value, or an empty string when the key is
     * absent; an absent key and a key stored with an empty value are therefore
     * indistinguishable to the caller.
     */
    const Aws::String GetValue(const Aws::String& key) const
    {
        const auto entry = m_allKeyValPairs.find(key);
        return entry != m_allKeyValPairs.end() ? entry->second : Aws::String{};
    }

private:
    Aws::String m_name;
    Aws::String m_region;
    Aws::Auth::AWSCredentials m_credentials;
    Aws::String m_roleArn;
    Aws::String m_externalId;
    Aws::String m_sourceProfile;
    Aws::String m_credentialProcess;
    Aws::String m_ssoStartUrl;
    Aws::String m_ssoRegion;
    Aws::String m_ssoAccountId;
    Aws::String m_ssoRoleName;
    Aws::String m_defaultsMode;
    Aws::Map<Aws::String, Aws::String> m_allKeyValPairs;
};
/**
 * Base class for loaders that obtain profile data from a configuration source
 * such as .aws/config, .aws/credentials or the EC2 metadata service.
 *
 * Concrete loaders implement LoadInternal() and may override PersistInternal().
 * The class is default-constructible and not copyable. It declares no lock of its
 * own, so the references handed out by GetProfiles() and LastLoadTime() alias
 * internal state; callers that share a loader between threads have to provide
 * their own synchronization.
 */
class AWS_CORE_API AWSProfileConfigLoader
{
public:
    using ProfilesContainer = Aws::Map<Aws::String, Aws::Config::Profile>;

    virtual ~AWSProfileConfigLoader() = default;

    AWSProfileConfigLoader() = default;

    // Copying is disabled.
    AWSProfileConfigLoader(const AWSProfileConfigLoader&) = delete;
    const AWSProfileConfigLoader& operator=(AWSProfileConfigLoader&) = delete;

    /**
     * Loads the configuration and reports success as a bool.
     * NOTE(review): presumably delegates to LoadInternal() and refreshes
     * m_lastLoadTime; the definition is not in this header.
     */
    bool Load();

    /**
     * Overwrites the entire config source with the supplied profile data.
     *
     * Profiles can carry credentials (see Profile::GetCredentials), so a
     * file-backed implementation ends up writing secret material to disk. The
     * permissions applied to that file are not visible in this header and should
     * be confirmed in the implementation.
     * NOTE(review): presumably forwards to PersistInternal(), whose default
     * returns false.
     */
    bool PersistProfiles(const Aws::Map<Aws::String, Aws::Config::Profile>& profiles);

    /**
     * Returns the profiles currently held by the loader, by reference (no copy).
     */
    const Aws::Map<Aws::String, Aws::Config::Profile>& GetProfiles() const { return m_profiles; }

    /**
     * Returns the timestamp of the last time the profile information was loaded.
     */
    const Aws::Utils::DateTime& LastLoadTime() const { return m_lastLoadTime; }

protected:
    /**
     * Implemented by subclasses to fetch the profiles.
     */
    virtual bool LoadInternal() = 0;

    /**
     * Overridden by subclasses that can store profiles. The default ignores its
     * argument and returns false.
     */
    virtual bool PersistInternal(const Aws::Map<Aws::String, Aws::Config::Profile>&) { return false; }

    ProfilesContainer m_profiles;
    Aws::Utils::DateTime m_lastLoadTime;
};
/**
 * Reads configuration from a config file (e.g. $HOME/.aws/config or
 * $HOME/.aws/credentials).
 *
 * The file name is stored exactly as given; nothing in this header validates or
 * normalizes it. A caller that derives the path from untrusted input lets that
 * input decide which file is parsed as a credentials source, so the path should
 * come from trusted configuration only.
 */
class AWS_CORE_API AWSConfigFileProfileConfigLoader : public AWSProfileConfigLoader
{
public:
    /**
     * @param fileName          file to load config from
     * @param useProfilePrefix  whether the profiles are prefixed with "profile";
     *                          the config file uses the prefix, the credentials
     *                          file does not. Defaults to off.
     */
    AWSConfigFileProfileConfigLoader(const Aws::String& fileName, bool useProfilePrefix = false);

    ~AWSConfigFileProfileConfigLoader() override = default;

    /**
     * File path currently used by this loader.
     */
    const Aws::String& GetFileName() const { return m_fileName; }

    /**
     * Points the loader at a different file, so an existing loader object can be
     * reused when the file location changes. Only the stored path is replaced
     * here; no load is triggered and no lock is taken by this setter.
     */
    void SetFileName(const Aws::String& fileName) { m_fileName = fileName; }

protected:
    bool LoadInternal() override;
    bool PersistInternal(const Aws::Map<Aws::String, Aws::Config::Profile>&) override;

private:
    Aws::String m_fileName;
    bool m_useProfilePrefix;
};
// NOTE(review): presumably the profile name under which the EC2 instance-profile
// loader publishes its result; the use site is not in this header. Declared with
// internal linkage, so every translation unit including this header gets its own copy.
static constexpr const char* INSTANCE_PROFILE_KEY = "InstanceProfile";
/**
 * Loader that obtains its configuration from the EC2 Metadata Service.
 *
 * NOTE(review): credentialsValidUntilMillis and calculateRetryTime() suggest the
 * loader tracks an expiry for what it fetched and a back-off for retries; their
 * exact semantics live in the implementation, not in this header.
 */
class AWS_CORE_API EC2InstanceProfileConfigLoader : public AWSProfileConfigLoader
{
public:
    /**
     * Passing nullptr (the default) makes the loader create the default
     * EC2MetadataClient. A caller-supplied client is held through a shared_ptr.
     */
    EC2InstanceProfileConfigLoader(const std::shared_ptr<Aws::Internal::EC2MetadataClient>& = nullptr);

    ~EC2InstanceProfileConfigLoader() override = default;

protected:
    bool LoadInternal() override;

private:
    std::shared_ptr<Aws::Internal::EC2MetadataClient> m_ec2metadataClient;
    // Starts at 0 until the implementation assigns a value.
    int64_t credentialsValidUntilMillis = 0;
    int64_t calculateRetryTime() const;
};
/**
 * Caches the contents of the config file and the credentials file so they are not
 * re-read on every lookup, while still allowing an explicit reload from file.
 *
 * Each file has its own loader and its own ReaderWriterLock. The locks are
 * `mutable` so the const accessors can take them.
 * NOTE(review): presumably the accessors take the lock for reading and the
 * Reload*() calls take it for writing; confirm in the implementation.
 *
 * All accessors return copies rather than references, so a caller never reads
 * contents that another thread is replacing. The copies returned by
 * GetCredentials(), GetCredentialsProfile() and GetCredentialsProfiles() contain
 * secret material: keep their lifetime short and keep them out of logs.
 */
class AWS_CORE_API ConfigAndCredentialsCacheManager
{
public:
    ConfigAndCredentialsCacheManager();

    // Re-read the config file / the credentials file into the cache.
    void ReloadConfigFile();
    void ReloadCredentialsFile();

    // True when the cached config file has a profile with this name.
    bool HasConfigProfile(const Aws::String& profileName) const;

    /**
     * Cached config profile with the given name, returned by value so the caller
     * is not exposed to concurrent modification of the cache.
     */
    Aws::Config::Profile GetConfigProfile(const Aws::String& profileName) const;

    /**
     * All cached config profiles, returned by value for the same reason.
     */
    Aws::Map<Aws::String, Aws::Config::Profile> GetConfigProfiles() const;

    /**
     * Cached config value for the given profile name and key, returned by value.
     */
    Aws::String GetConfig(const Aws::String& profileName, const Aws::String& key) const;

    // True when the cached credentials file has a profile with this name.
    bool HasCredentialsProfile(const Aws::String& profileName) const;

    /**
     * Cached credentials profile with the given name, returned by value.
     */
    Aws::Config::Profile GetCredentialsProfile(const Aws::String& profileName) const;

    /**
     * All cached credentials profiles, returned by value.
     */
    Aws::Map<Aws::String, Aws::Config::Profile> GetCredentialsProfiles() const;

    /**
     * Cached credentials of the given profile, returned by value.
     */
    Aws::Auth::AWSCredentials GetCredentials(const Aws::String& profileName) const;

private:
    mutable Aws::Utils::Threading::ReaderWriterLock m_credentialsLock;
    Aws::Config::AWSConfigFileProfileConfigLoader m_credentialsFileLoader;
    mutable Aws::Utils::Threading::ReaderWriterLock m_configLock;
    Aws::Config::AWSConfigFileProfileConfigLoader m_configFileLoader;
};
// Free-function access to the cached config and credentials data.
// NOTE(review): presumably these forward to one process-wide
// ConfigAndCredentialsCacheManager that Init...() creates and Cleanup...() destroys;
// the definitions are not in this header, so the behaviour of the accessors before
// Init or after Cleanup should be confirmed there.
AWS_CORE_API void InitConfigAndCredentialsCacheManager();
AWS_CORE_API void CleanupConfigAndCredentialsCacheManager();
// Re-read the config file / the credentials file into the cache.
AWS_CORE_API void ReloadCachedConfigFile();
AWS_CORE_API void ReloadCachedCredentialsFile();
// Config-file lookups. All results are returned by value.
AWS_CORE_API bool HasCachedConfigProfile(const Aws::String& profileName);
AWS_CORE_API Aws::Config::Profile GetCachedConfigProfile(const Aws::String& profileName);
AWS_CORE_API Aws::Map<Aws::String, Aws::Config::Profile> GetCachedConfigProfiles();
AWS_CORE_API Aws::String GetCachedConfigValue(const Aws::String& profileName, const Aws::String& key);
// NOTE(review): this overload takes no profile name; which profile it consults is
// decided in the implementation - confirm.
AWS_CORE_API Aws::String GetCachedConfigValue(const Aws::String& key);
// Credentials-file lookups. The returned objects are copies that contain secret
// material, so keep them short-lived and out of logs.
AWS_CORE_API bool HasCachedCredentialsProfile(const Aws::String &profileName);
AWS_CORE_API Aws::Config::Profile GetCachedCredentialsProfile(const Aws::String& profileName);
AWS_CORE_API Aws::Auth::AWSCredentials GetCachedCredentials(const Aws::String& profileName);
AWS_CORE_API Aws::Map<Aws::String, Aws::Config::Profile> GetCachedCredentialsProfiles();
}
}