/
file.ex
91 lines (77 loc) · 2.5 KB
/
file.ex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
if Code.ensure_loaded?(ConfigParser) do
defmodule ExAws.CredentialsIni.File do
# as per https://docs.aws.amazon.com/cli/latest/topic/config-vars.html
@valid_config_keys ~w(
aws_access_key_id aws_secret_access_key aws_session_token region
role_arn source_profile credential_source external_id mfa_serial role_session_name credential_process
)
def security_credentials(profile_name) do
shared_credentials = profile_from_shared_credentials(profile_name)
config_credentials = profile_from_config(profile_name)
Map.merge(config_credentials, shared_credentials)
end
def parse_ini_file({:ok, contents}, :system) do
parse_ini_file({:ok, contents}, profile_name_from_env())
end
def parse_ini_file({:ok, contents}, profile_name) do
contents
|> ConfigParser.parse_string()
|> case do
{:ok, %{^profile_name => config}} ->
strip_key_prefix(config)
{:ok, %{}} ->
%{}
_ ->
%{}
end
end
def parse_ini_file(_, _), do: %{}
def strip_key_prefix(credentials) do
credentials
|> Map.take(@valid_config_keys)
|> Map.new(fn {key, val} ->
updated_key =
key
|> String.replace_leading("aws_", "")
|> String.to_atom()
{updated_key, val}
end)
end
def replace_token_key(credentials) do
case Map.pop(credentials, :session_token) do
{nil, credentials} ->
credentials
{token, credentials} ->
Map.put(credentials, :security_token, token)
end
end
defp profile_from_shared_credentials(profile_name) do
System.user_home()
|> Path.join(".aws/credentials")
|> File.read()
|> parse_ini_file(profile_name)
|> replace_token_key
end
defp profile_from_config(profile_name) do
section =
case profile_name do
:system -> "profile #{profile_name_from_env()}"
"default" -> "default"
other -> "profile #{other}"
end
System.user_home()
|> Path.join(".aws/config")
|> File.read()
|> parse_ini_file(section)
end
defp profile_name_from_env() do
System.get_env("AWS_PROFILE") || "default"
end
end
else
defmodule ExAws.CredentialsIni.File do
def security_credentials(_), do: raise("ConfigParser required to use")
def parse_ini_file(_, _), do: raise("ConfigParser required to use")
def replace_token_key(_), do: raise("ConfigParser required to use")
end
end