Permalink
Browse files

Add support for retrieving credentials from instance metadata

  • Loading branch information...
1 parent 24bcd04 commit aef43addc73745a9fc357040b2d9aaced0ca994b @pieter pieter committed Jun 15, 2012
Showing with 25 additions and 3 deletions.
  1. +24 −2 lib/aws-keys.rb
  2. +1 −1 lib/aws-keys/version.rb
View
@@ -2,11 +2,12 @@ module AwsKeys
class KeyNotFoundException < Exception; end
class Key
- attr_accessor :id, :secret
+ attr_reader :id, :secret, :token
- def initialize (id, secret)
+ def initialize (id, secret, token = nil)
@id = id
@secret = secret
+ @token = token
end
end
@@ -15,6 +16,27 @@ def initialize (id, secret)
PATHS.push(File.expand_path("~/.ec2")) if ENV["HOME"]
PATHS.push("/etc/ec2")
+ def self.role_key (rolename = nil)
+ require 'open-uri'
+ require 'json'
+
+ return unless File.exist? "/etc/ec2_version"
+ unless rolename
+ rolename = open("http://169.254.169.254/2012-01-12/meta-data/iam/security-credentials").read
+ return unless (rolename && rolename.length > 0)
+ end
+
+ data = open("http://169.254.169.254/2012-01-12/meta-data/iam/security-credentials/#{rolename}").read rescue nil
+ return unless (data && data.length > 0)
+
+ d = JSON.parse(data)
+ return unless d
+
+ return Key.new(d["AccessKeyId"], d["SecretAccessKey"], d["Token"])
+ rescue
+ nil
+ end
+
def self.find_key_path (type)
PATHS.each do |path|
key_path = File.join(path, "#{type}.creds")
View
@@ -1,3 +1,3 @@
module AwsKeys
- VERSION = "0.2"
+ VERSION = "0.3"
end

0 comments on commit aef43ad

Please sign in to comment.