-
Notifications
You must be signed in to change notification settings - Fork 0
/
config_aws.clj
98 lines (86 loc) · 3.51 KB
/
config_aws.clj
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
(ns outpace.config-aws
(:require [clojure.string :as str]
[outpace.config :as config :refer [defconfig]])
(:import (com.amazonaws.auth AWSStaticCredentialsProvider
BasicAWSCredentials
BasicSessionCredentials)
(com.amazonaws.client.builder AwsClientBuilder$EndpointConfiguration)
(com.amazonaws.services.simplesystemsmanagement AWSSimpleSystemsManagement
AWSSimpleSystemsManagementClientBuilder)
(com.amazonaws.services.simplesystemsmanagement.model GetParameterRequest
ParameterNotFoundException)))
(defn ^:private valid-ssm-client-args?
"Validates the client-args using spec, if available."
[client-args]
(try
(require 'outpace.config-aws.spec)
(when-let [validate-fn @(resolve 'outpace.config-aws.spec/validate-client-args)]
(validate-fn client-args))
(catch clojure.lang.Compiler$CompilerException _
true)))
(defconfig
^{:validate [valid-ssm-client-args? "Must be valid SSM client configuration."]}
ssm-client-args
"A map used to configure the SSM client. Current valid configuration includes:
:endpoint {:service-endpoint \"\"
:signing-region \"\"}"
{})
(defn ^:private credentials-provider
[{:keys [aws-access-key-id aws-secret-key session-token]}]
(let [credentials (if session-token
(BasicAWSCredentials. aws-access-key-id aws-secret-key)
(BasicSessionCredentials. aws-access-key-id aws-secret-key session-token))]
(AWSStaticCredentialsProvider. credentials)))
(defn ^:private build-client
"Builds an SSM client form the given client arguments."
[{:keys [credentials endpoint] :as client-args}]
(.build
(cond-> (AWSSimpleSystemsManagementClientBuilder/standard)
credentials (.withCredentials (credentials-provider credentials))
endpoint (.withEndpointConfiguration
(AwsClientBuilder$EndpointConfiguration.
(:service-endpoint endpoint)
(:signing-region endpoint))))))
(def ^:private ssm-client
"The SSM client used to retrieve parameters from SSM."
(delay (build-client ssm-client-args)))
(defrecord SsmVal
[config value]
config/Extractable
(extract [_]
(when (not= ::not-found value)
value))
config/Optional
(provided? [_]
(not= ::not-found value)))
(defmethod print-method SsmVal [^SsmVal v ^java.io.Writer w]
(.write w "#config-aws/ssm ")
(.write w (pr-str (.config v))))
(defn ^:private get-parameter
[^AWSSimpleSystemsManagement client name]
(try
(let [request (.. (GetParameterRequest.)
(withName name)
(withWithDecryption true))]
(.. client
(getParameter request)
(getParameter)
(getValue)))
(catch ParameterNotFoundException _
::not-found)))
(defn read-ssm
"Reads an SsmVal."
[config]
(cond
(string? config)
(->SsmVal config
(get-parameter @ssm-client config))
(vector? config)
(->SsmVal config
(get-parameter @ssm-client (str/join (into []
(map config/extract)
config))))
:default
(throw (IllegalArgumentException.
(format "Argument to #config-aws/ssm must be a string or a vector: %s"
(pr-str config))))))