provider: Remove explicit config and EnvVar Check for Region (#2120)

pulumi · Sep 5, 2022 · c9a0980 · c9a0980
1 parent f07d14b
commit c9a0980
Showing 1 changed file with 39 additions and 17 deletions.
diff --git a/provider/resources.go b/provider/resources.go
@@ -273,6 +273,25 @@ func stringValue(vars resource.PropertyMap, prop resource.PropertyKey, envs []st
 	return ""
 }
 
+func arrayValue(vars resource.PropertyMap, prop resource.PropertyKey, envs []string) []string {
+	val, ok := vars[prop]
+	var vals []string
+	if ok && val.IsArray() {
+		for _, v := range val.ArrayValue() {
+			vals = append(vals, v.StringValue())
+		}
+		return vals
+	}
+
+	for _, env := range envs {
+		val, ok := os.LookupEnv(env)
+		if ok {
+			return strings.Split(val, ";")
+		}
+	}
+	return vals
+}
+
 func stringRef(s string) *string {
 	return &s
 }
@@ -281,16 +300,6 @@ func stringRef(s string) *string {
 // configuration subset of `github.com/terraform-providers/terraform-provider-aws/aws.providerConfigure`.  We do this
 // before passing control to the TF provider to ensure we can report actionable errors.
 func preConfigureCallback(vars resource.PropertyMap, c shim.ResourceConfig) error {
-	// we should have an explicit check to make sure that the user has a region available before we do
-	// anything with the provider
-	region := stringValue(vars, "region", []string{"AWS_REGION", "AWS_DEFAULT_REGION"})
-	if region == "" {
-		return fmt.Errorf("unable to find a AWS Region config. Set the Region by using: \n\n" +
-			" \t • `pulumi config set aws:region us-west-2` or \n" +
-			" \t • An AWS Profile or \n" +
-			" \t • Environment variables:`AWS_REGION` or `AWS_DEFAULT` \n\n")
-	}
-
 	var skipCredentialsValidation bool
 	if val, ok := vars["skipCredentialsValidation"]; ok {
 		if val.IsBool() {
@@ -309,7 +318,7 @@ func preConfigureCallback(vars resource.PropertyMap, c shim.ResourceConfig) erro
 		SecretKey: stringValue(vars, "secretKey", []string{"AWS_SECRET_ACCESS_KEY"}),
 		Profile:   stringValue(vars, "profile", []string{"AWS_PROFILE"}),
 		Token:     stringValue(vars, "token", []string{"AWS_SESSION_TOKEN"}),
-		Region:    region,
+		Region:    stringValue(vars, "region", []string{"AWS_REGION", "AWS_DEFAULT_REGION"}),
 	}
 
 	if details, ok := vars["assumeRole"]; ok {
@@ -336,14 +345,28 @@ func preConfigureCallback(vars resource.PropertyMap, c shim.ResourceConfig) erro
 
 	// lastly let's set the sharedCreds and sharedConfig file. If these are not found then let's default to the
 	// locations that AWS cli will store these values.
+	var sharedCredentialsFilePaths []string
 	sharedCredentialsFile := stringValue(vars, "sharedCredentialsFile", []string{"AWS_SHARED_CREDENTIALS_FILE"})
-	if sharedCredentialsFile == "" {
-		sharedCredentialsFile = "~/.aws/credentials"
+	if sharedCredentialsFile != "" {
+		sharedCredentialsFilePaths = append(sharedCredentialsFilePaths, sharedCredentialsFile)
 	}
-	credsPath, err := homedir.Expand(sharedCredentialsFile)
-	if err != nil {
-		return err
+
+	sharedCredentialsFiles := arrayValue(vars, "sharedCredentialsFiles",
+		[]string{"AWS_SHARED_CREDENTIALS_FILE", "AWS_SHARED_CREDENTIALS_FILES"})
+	if len(sharedCredentialsFiles) > 0 {
+		sharedCredentialsFilePaths = append(sharedCredentialsFilePaths, sharedCredentialsFiles...)
+	}
+
+	if len(sharedCredentialsFilePaths) == 0 {
+		sharedCredentialsFile := "~/.aws/credentials"
+		credsPath, err := homedir.Expand(sharedCredentialsFile)
+		if err != nil {
+			return err
+		}
+
+		sharedCredentialsFilePaths = append(sharedCredentialsFilePaths, credsPath)
 	}
+	config.SharedCredentialsFiles = sharedCredentialsFilePaths
 
 	sharedConfigFile := stringValue(vars, "sharedConfigFile", []string{"AWS_CONFIG_FILE"})
 	if sharedConfigFile == "" {
@@ -354,7 +377,6 @@ func preConfigureCallback(vars resource.PropertyMap, c shim.ResourceConfig) erro
 		return err
 	}
 
-	config.SharedCredentialsFiles = []string{credsPath}
 	config.SharedConfigFiles = []string{configPath}
 
 	if _, err := awsbase.GetAwsConfig(context.Background(), config); err != nil {