/
client.go
41 lines (35 loc) · 951 Bytes
/
client.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
package aws
import (
"context"
"fmt"
"io/ioutil"
"os"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/credentials"
"github.com/rs/zerolog/log"
)
func NewEKSServiceAccountClientV1() aws.Config {
// variables are automatically available in the pod through EKS
region := os.Getenv("AWS_REGION")
roleArn := os.Getenv("AWS_ROLE_ARN")
tokenFilePath := os.Getenv("AWS_WEB_IDENTITY_TOKEN_FILE")
token, err := ioutil.ReadFile(tokenFilePath)
if err != nil {
panic(err.Error())
}
fmt.Println(fmt.Sprintf("authenticating as role arn: %s from service account", roleArn))
awsClient, err := config.LoadDefaultConfig(
context.Background(),
config.WithRegion(region),
config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(
string(token),
"",
string(token),
)),
)
if err != nil {
log.Error().Msg("unable to create aws client")
}
return awsClient
}