This repository has been archived by the owner on Aug 7, 2023. It is now read-only.

[feature] role auth #33

Merged
merged 2 commits into from
May 28, 2020
2 changes: 1 addition & 1 deletion .reviewdog.yml
@@ -1,6 +1,6 @@
runner:
golangci:
cmd: ./bin/golangci-lint run --out-format=line-number
cmd: ./bin/golangci-lint run --out-format=line-number -v --timeout 5m
errorformat:
- '%E%f:%l:%c: %m'
- '%E%f:%l: %m'
11 changes: 10 additions & 1 deletion pkg/aws/client.go
@@ -2,6 +2,8 @@ package aws

import (
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
)
@@ -27,8 +29,15 @@ func NewClient(d *schema.ResourceData) (*Client, error) {
Profile: d.Get("profile").(string),
},
))

var creds *credentials.Credentials

if r, ok := d.Get("role_arn").(string); ok {
creds = stscreds.NewCredentials(sess, r)
}

client := &Client{
KMS: NewKMS(sess),
KMS: NewKMS(sess, creds),
}

return client, nil
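Review bot: The `ok` tested in `if r, ok := d.Get("role_arn").(string); ok` only reports that the value is a string, and for an optional `TypeString` attribute `d.Get` returns `""` when the attribute is unset, so this branch appears to run for every configuration. A profile-only setup would then get an stscreds provider with an empty role ARN, and KMS calls would likely fail at the first AssumeRole instead of using the session's own credentials. Testing for a configured value keeps `creds` nil in that case: `if r, ok := d.GetOk("role_arn"); ok { creds = stscreds.NewCredentials(sess, r.(string)) }`. NewClient starts before this hunk, so the session setup above it is only partly visible.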
6 changes: 4 additions & 2 deletions pkg/aws/kms.go
@@ -3,6 +3,8 @@ package aws
import (
"encoding/base64"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/kms"
"github.com/aws/aws-sdk-go/service/kms/kmsiface"
@@ -15,8 +17,8 @@ type KMS struct {
}

// NewKMS returns a KMS client
func NewKMS(s *session.Session) KMS {
return KMS{kms.New(s)}
func NewKMS(s *session.Session, creds *credentials.Credentials) KMS {
return KMS{kms.New(s, &aws.Config{Credentials: creds})}
}

// EncryptBytes encrypts the plaintext using the keyID key, result is base64 encoded
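Review bot: The comment `// NewKMS returns a KMS client` was not updated for the new `creds` parameter, so a reader cannot tell what a nil value means at the `kms.New(s, &aws.Config{Credentials: creds})` call. As far as I can tell the SDK skips a nil `Credentials` when it merges configs, so nil keeps the session's own credentials, and the no-role path depends on that. Suggested comment: `// NewKMS returns a KMS client for session s. A non-nil creds replaces the session's credentials for this client; nil keeps them.`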
11 changes: 8 additions & 3 deletions pkg/provider/provider.go
@@ -19,9 +19,14 @@ func Provider() *schema.Provider {
InputDefault: "us-east-1",
},
"profile": {
Type: schema.TypeString,
Optional: true,
Default: "",
Type: schema.TypeString,
Optional: true,
ConflictsWith: []string{"role_arn"},
},
"role_arn": {
Type: schema.TypeString,
Optional: true,
ConflictsWith: []string{"profile"},
},
},
ResourcesMap: map[string]*schema.Resource{
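Review bot: The new `role_arn` attribute has no `Description` and no `ValidateFunc`, so a mistyped ARN is accepted at plan time and is only rejected when STS refuses the AssumeRole call. I would add `Description: "ARN of the IAM role to assume for KMS operations",` and a `ValidateFunc` that rejects values that are not ARNs. Dropping `Default: ""` from `profile` looks deliberate so that `ConflictsWith` does not trip on a defaulted value, but a one-line comment saying so would help the next reader. Provider() starts and ends outside the hunk.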