This repository has been archived by the owner on May 9, 2022. It is now read-only.
forked from aws/aws-sdk-java
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This release adds support for AWS IAM Instance Profiles, including new credentials provider implementations in the SDK and updates to Amazon EC2 and Auto Scaling for IAM Instance Profiles, and also adds new features in the Amazon S3, Amazon EC2, Auto Scaling, and Amazon RDS APIs. For more information, see the full release notes: http://aws.amazon.com/releasenotes/1487388672444310
- Loading branch information
Showing
404 changed files
with
27,057 additions
and
3,644 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
85 changes: 85 additions & 0 deletions
85
src/main/java/com/amazonaws/auth/AWSCredentialsProviderChain.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
/* | ||
* Copyright 2012 Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"). | ||
* You may not use this file except in compliance with the License. | ||
* A copy of the License is located at | ||
* | ||
* http://aws.amazon.com/apache2.0 | ||
* | ||
* or in the "license" file accompanying this file. This file is distributed | ||
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either | ||
* express or implied. See the License for the specific language governing | ||
* permissions and limitations under the License. | ||
*/ | ||
package com.amazonaws.auth; | ||
|
||
import java.util.LinkedList; | ||
import java.util.List; | ||
|
||
import org.apache.commons.logging.Log; | ||
import org.apache.commons.logging.LogFactory; | ||
|
||
import com.amazonaws.AmazonClientException; | ||
|
||
/** | ||
* {@link AWSCredentialsProvider} implementation that chains together multiple | ||
* credentials providers. When a caller requests credentials from this provider, | ||
* it calls all the providers in the chain, in the original order specified, | ||
* until one can provide credentials, and then returns those credentials. If all | ||
* of the credential providers in the chain have been called, and none of them | ||
* can provide credentials, then this class will throw an exception indicated | ||
* that no credentials are available. | ||
*/ | ||
public class AWSCredentialsProviderChain implements AWSCredentialsProvider { | ||
|
||
private static final Log log = LogFactory.getLog(AWSCredentialsProviderChain.class); | ||
|
||
private List<AWSCredentialsProvider> credentialsProviders = | ||
new LinkedList<AWSCredentialsProvider>(); | ||
|
||
|
||
/** | ||
* Constructs a new AWSCredentialsProviderChain with the specified | ||
* credential providers. When credentials are requested from this provider, | ||
* it will call each of these credential providers in the same order | ||
* specified here until one of them returns AWS security credentials. | ||
* | ||
* @param credentialsProviders | ||
* The chain of credentials providers. | ||
*/ | ||
public AWSCredentialsProviderChain(AWSCredentialsProvider... credentialsProviders) { | ||
if (credentialsProviders == null || credentialsProviders.length == 0) | ||
throw new IllegalArgumentException("No credential providers specified"); | ||
|
||
for (AWSCredentialsProvider provider : credentialsProviders) { | ||
this.credentialsProviders.add(provider); | ||
} | ||
} | ||
|
||
public AWSCredentials getCredentials() { | ||
for (AWSCredentialsProvider provider : credentialsProviders) { | ||
try { | ||
AWSCredentials credentials = provider.getCredentials(); | ||
|
||
if (credentials.getAWSAccessKeyId() != null && | ||
credentials.getAWSSecretKey() != null) { | ||
log.debug("Loading credentials from " + provider.toString()); | ||
return credentials; | ||
} | ||
} catch (Exception e) { | ||
// Ignore any exceptions and move onto the next provider | ||
log.debug("Unable to load credentials from " + provider.toString() + | ||
": " + e.getMessage()); | ||
} | ||
} | ||
|
||
throw new AmazonClientException("Unable to load AWS credentials from any provider in the chain"); | ||
} | ||
|
||
public void refresh() { | ||
for (AWSCredentialsProvider provider : credentialsProviders) { | ||
provider.refresh(); | ||
} | ||
} | ||
} |
97 changes: 97 additions & 0 deletions
97
src/main/java/com/amazonaws/auth/ClasspathPropertiesFileCredentialsProvider.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,97 @@ | ||
/* | ||
* Copyright 2012 Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"). | ||
* You may not use this file except in compliance with the License. | ||
* A copy of the License is located at | ||
* | ||
* http://aws.amazon.com/apache2.0 | ||
* | ||
* or in the "license" file accompanying this file. This file is distributed | ||
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either | ||
* express or implied. See the License for the specific language governing | ||
* permissions and limitations under the License. | ||
*/ | ||
package com.amazonaws.auth; | ||
|
||
import java.io.IOException; | ||
import java.io.InputStream; | ||
|
||
import com.amazonaws.AmazonClientException; | ||
|
||
/** | ||
* {@link AWSCredentialsProvider} implementation that loads AWS security | ||
* credentials from a properties file on the classpath. The default | ||
* constructor creates a credentials provider that loads the credentials | ||
* from a file named <code>AwsCredentials.properties</code> on the | ||
* classpath, but which file to use from the classpath can also be controled | ||
* through the one-argument constructor. | ||
* <p> | ||
* The AWS access key ID is expected to be in the <code>accessKey</code> | ||
* property and the AWS secret key is expected to be in the | ||
* <code>secretKey</code> property. | ||
*/ | ||
public class ClasspathPropertiesFileCredentialsProvider implements AWSCredentialsProvider { | ||
|
||
/** The name of the properties file to check for credentials */ | ||
private static String DEFAULT_PROPERTIES_FILE = "AwsCredentials.properties"; | ||
|
||
private final String credentialsFilePath; | ||
|
||
/** | ||
* Creates a new ClasspathPropertiesFileCredentialsProvider that will | ||
* attempt to load the <code>AwsCredentials.properties</code> file from | ||
* the classpath to read AWS security credentials. | ||
*/ | ||
public ClasspathPropertiesFileCredentialsProvider() { | ||
this(DEFAULT_PROPERTIES_FILE); | ||
} | ||
|
||
/** | ||
* Creates a new ClasspathPropertiesFileCredentialsProvider that will | ||
* attempt to load a custom file from the classpath to read AWS security | ||
* credentials. | ||
* | ||
* @param credentialsFilePath | ||
* The custom classpath resource path to a properties file | ||
* from which the AWS security credentials should be loaded. | ||
* | ||
* For example, | ||
* <ul> | ||
* <li>com/mycompany/credentials.properties</li> | ||
* <li>beta-credentials.properties</li> | ||
* <li>AwsCredentials.properties</li> | ||
* </ul> | ||
*/ | ||
public ClasspathPropertiesFileCredentialsProvider(String credentialsFilePath) { | ||
if (credentialsFilePath == null) | ||
throw new IllegalArgumentException("Credentials file path cannot be null"); | ||
|
||
// Make sure the path is absolute | ||
if (!credentialsFilePath.startsWith("/")) { | ||
this.credentialsFilePath = "/" + credentialsFilePath; | ||
} else { | ||
this.credentialsFilePath = credentialsFilePath; | ||
} | ||
} | ||
|
||
public AWSCredentials getCredentials() { | ||
InputStream inputStream = getClass().getResourceAsStream(credentialsFilePath); | ||
if (inputStream == null) { | ||
throw new AmazonClientException("Unable to load AWS credentials from the " + credentialsFilePath + " file on the classpath"); | ||
} | ||
|
||
try { | ||
return new PropertiesCredentials(inputStream); | ||
} catch (IOException e) { | ||
throw new AmazonClientException("Unable to load AWS credentials from the " + credentialsFilePath + " file on the classpath", e); | ||
} | ||
} | ||
|
||
public void refresh() {} | ||
|
||
@Override | ||
public String toString() { | ||
return getClass().getSimpleName() + "(" + credentialsFilePath + ")"; | ||
} | ||
} |
35 changes: 35 additions & 0 deletions
35
src/main/java/com/amazonaws/auth/DefaultAWSCredentialsProviderChain.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
/* | ||
* Copyright 2012 Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"). | ||
* You may not use this file except in compliance with the License. | ||
* A copy of the License is located at | ||
* | ||
* http://aws.amazon.com/apache2.0 | ||
* | ||
* or in the "license" file accompanying this file. This file is distributed | ||
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either | ||
* express or implied. See the License for the specific language governing | ||
* permissions and limitations under the License. | ||
*/ | ||
package com.amazonaws.auth; | ||
|
||
/** | ||
* AWS credentials provider chain that looks for credentials in this order: | ||
* <ul> | ||
* <li>Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY</li> | ||
* <li>Java System Properties - aws.accessKeyId and aws.secretKey</li> | ||
* <li>Instance profile credentials delivered through the Amazon EC2 metadata service</li> | ||
* </ul> | ||
* | ||
* @see EnvironmentVariableCredentialsProvider | ||
* @see SystemPropertiesCredentialsProvider | ||
* @see InstanceProfileCredentialsProvider | ||
*/ | ||
public class DefaultAWSCredentialsProviderChain extends AWSCredentialsProviderChain { | ||
public DefaultAWSCredentialsProviderChain() { | ||
super(new EnvironmentVariableCredentialsProvider(), | ||
new SystemPropertiesCredentialsProvider(), | ||
new InstanceProfileCredentialsProvider()); | ||
} | ||
} |
52 changes: 52 additions & 0 deletions
52
src/main/java/com/amazonaws/auth/EnvironmentVariableCredentialsProvider.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
/* | ||
* Copyright 2012 Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"). | ||
* You may not use this file except in compliance with the License. | ||
* A copy of the License is located at | ||
* | ||
* http://aws.amazon.com/apache2.0 | ||
* | ||
* or in the "license" file accompanying this file. This file is distributed | ||
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either | ||
* express or implied. See the License for the specific language governing | ||
* permissions and limitations under the License. | ||
*/ | ||
package com.amazonaws.auth; | ||
|
||
import com.amazonaws.AmazonClientException; | ||
|
||
/** | ||
* {@link AWSCredentialsProvider} implementation that provides credentials | ||
* by looking at the <code>AWS_ACCESS_KEY_ID</code> and | ||
* <code>AWS_SECRET_KEY</code> environment variables. | ||
*/ | ||
public class EnvironmentVariableCredentialsProvider implements AWSCredentialsProvider { | ||
|
||
/** Environment variable name for the AWS access key ID */ | ||
private static final String ACCESS_KEY_ENV_VAR = "AWS_ACCESS_KEY_ID"; | ||
|
||
/** Environment variable name for the AWS secret key */ | ||
private static final String SECRET_KEY_ENV_VAR = "AWS_SECRET_KEY"; | ||
|
||
public AWSCredentials getCredentials() { | ||
if (System.getenv(ACCESS_KEY_ENV_VAR) != null && | ||
System.getenv(SECRET_KEY_ENV_VAR) != null) { | ||
|
||
return new BasicAWSCredentials( | ||
System.getenv(ACCESS_KEY_ENV_VAR), | ||
System.getenv(SECRET_KEY_ENV_VAR)); | ||
} | ||
|
||
throw new AmazonClientException( | ||
"Unable to load AWS credentials from environment variables " + | ||
"(" + ACCESS_KEY_ENV_VAR + " and " + SECRET_KEY_ENV_VAR + ")"); | ||
} | ||
|
||
public void refresh() {} | ||
|
||
@Override | ||
public String toString() { | ||
return getClass().getSimpleName(); | ||
} | ||
} |
98 changes: 98 additions & 0 deletions
98
src/main/java/com/amazonaws/auth/InstanceProfileCredentialsProvider.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,98 @@ | ||
/* | ||
* Copyright 2012 Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"). | ||
* You may not use this file except in compliance with the License. | ||
* A copy of the License is located at | ||
* | ||
* http://aws.amazon.com/apache2.0 | ||
* | ||
* or in the "license" file accompanying this file. This file is distributed | ||
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either | ||
* express or implied. See the License for the specific language governing | ||
* permissions and limitations under the License. | ||
*/ | ||
package com.amazonaws.auth; | ||
|
||
import java.io.IOException; | ||
import java.text.ParseException; | ||
import java.util.Date; | ||
|
||
import com.amazonaws.AmazonClientException; | ||
import com.amazonaws.internal.EC2MetadataClient; | ||
import com.amazonaws.util.DateUtils; | ||
import com.amazonaws.util.json.JSONException; | ||
import com.amazonaws.util.json.JSONObject; | ||
|
||
/** | ||
* Credentials provider implementation that loads credentials from the Amazon | ||
* EC2 Instance Metadata Service. | ||
*/ | ||
public class InstanceProfileCredentialsProvider implements AWSCredentialsProvider { | ||
|
||
private AWSCredentials credentials; | ||
private Date credentialsExpiration; | ||
|
||
public AWSCredentials getCredentials() { | ||
if (needsToLoadCredentials()) loadCredentials(); | ||
|
||
return credentials; | ||
} | ||
|
||
public void refresh() { | ||
loadCredentials(); | ||
} | ||
|
||
private boolean needsToLoadCredentials() { | ||
if (credentials == null) return true; | ||
|
||
if (credentialsExpiration != null) { | ||
int thresholdInMilliseconds = 1000 * 60 * 5; | ||
boolean withinExpirationThreshold = System.currentTimeMillis() - credentialsExpiration.getTime() < thresholdInMilliseconds; | ||
if (withinExpirationThreshold) return true; | ||
} | ||
|
||
return false; | ||
} | ||
|
||
private synchronized void loadCredentials() { | ||
try { | ||
String credentialsResponse = new EC2MetadataClient().getDefaultCredentials(); | ||
JSONObject jsonObject = new JSONObject(credentialsResponse); | ||
|
||
if (jsonObject.has("Token")) { | ||
credentials = new BasicSessionCredentials( | ||
jsonObject.getString("AccessKeyId"), | ||
jsonObject.getString("SecretAccessKey"), | ||
jsonObject.getString("Token")); | ||
} else { | ||
credentials = new BasicAWSCredentials( | ||
jsonObject.getString("AccessKeyId"), | ||
jsonObject.getString("SecretAccessKey")); | ||
} | ||
|
||
if (jsonObject.has("Expiration")) { | ||
/* | ||
* TODO: The expiration string comes in a different format than | ||
* what we deal with in other parts of the SDK, so we have | ||
* to convert it to the ISO8601 syntax we expect. | ||
*/ | ||
String expiration = jsonObject.getString("Expiration"); | ||
expiration = expiration.replaceAll("\\+0000$", "Z"); | ||
|
||
credentialsExpiration = new DateUtils().parseIso8601Date(expiration); | ||
} | ||
} catch (IOException e) { | ||
throw new AmazonClientException("Unable to load credentials from Amazon EC2 metadata service", e); | ||
} catch (JSONException e) { | ||
throw new AmazonClientException("Unable to parse credentials from Amazon EC2 metadata service", e); | ||
} catch (ParseException e) { | ||
throw new AmazonClientException("Unable to parse credentials expiration date from Amazon EC2 metadata service", e); | ||
} | ||
} | ||
|
||
@Override | ||
public String toString() { | ||
return getClass().getSimpleName(); | ||
} | ||
} |
Oops, something went wrong.