/
fromIni.ts
47 lines (42 loc) · 1.86 KB
/
fromIni.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
import { AssumeRoleWithWebIdentityParams } from "@aws-sdk/credential-provider-web-identity";
import { getProfileName, parseKnownFiles, SourceProfileInit } from "@aws-sdk/shared-ini-file-loader";
import { AwsCredentialIdentity, AwsCredentialIdentityProvider } from "@aws-sdk/types";
import { AssumeRoleParams } from "./resolveAssumeRoleCredentials";
import { resolveProfileData } from "./resolveProfileData";
export interface FromIniInit extends SourceProfileInit {
/**
* A function that returns a promise fulfilled with an MFA token code for
* the provided MFA Serial code. If a profile requires an MFA code and
* `mfaCodeProvider` is not a valid function, the credential provider
* promise will be rejected.
*
* @param mfaSerial The serial code of the MFA device specified.
*/
mfaCodeProvider?: (mfaSerial: string) => Promise<string>;
/**
* A function that assumes a role and returns a promise fulfilled with
* credentials for the assumed role.
*
* @param sourceCreds The credentials with which to assume a role.
* @param params
*/
roleAssumer?: (sourceCreds: AwsCredentialIdentity, params: AssumeRoleParams) => Promise<AwsCredentialIdentity>;
/**
* A function that assumes a role with web identity and returns a promise fulfilled with
* credentials for the assumed role.
*
* @param sourceCreds The credentials with which to assume a role.
* @param params
*/
roleAssumerWithWebIdentity?: (params: AssumeRoleWithWebIdentityParams) => Promise<AwsCredentialIdentity>;
}
/**
* Creates a credential provider that will read from ini files and supports
* role assumption and multi-factor authentication.
*/
export const fromIni =
(init: FromIniInit = {}): AwsCredentialIdentityProvider =>
async () => {
const profiles = await parseKnownFiles(init);
return resolveProfileData(getProfileName(init), profiles, init);
};