Skip to content

Commit

Permalink
FIX: Credential review, workaround about AWS_PROFILE used when not wa…
Browse files Browse the repository at this point in the history
…nted
  • Loading branch information
Fred78290 committed Aug 13, 2024
1 parent 757704e commit 910a4d8
Showing 1 changed file with 12 additions and 15 deletions.
27 changes: 12 additions & 15 deletions providers/aws/instance.go
Original file line number Diff line number Diff line change
Expand Up @@ -79,27 +79,24 @@ func isAwsProfileValid(filename, profile string) bool {
}

func newSessionWithOptions(accessKey, secretKey, token, filename, profile, region string) (cfg aws.Config, err error) {
if isAwsProfileValid(filename, profile) {
// Unset this variables because LoadDefaultConfig use it when it's not necessary
os.Unsetenv("AWS_PROFILE")
os.Unsetenv("AWS_SHARED_CREDENTIALS_FILE")
os.Unsetenv("AWS_CONFIG_FILE")

if !isNullOrEmpty(accessKey) && !isNullOrEmpty(secretKey) {
glog.Debugf("aws credentials with accesskey: %s, secret: %s", accessKey, secretKey)

cfg, err = config.LoadDefaultConfig(context.TODO(), config.WithRegion(region), config.WithCredentialsProvider(aws.NewCredentialsCache(credentials.NewStaticCredentialsProvider(accessKey, secretKey, token))))
} else if isAwsProfileValid(filename, profile) {
glog.Debugf("aws credentials with profile: %s, credentials: %s", profile, filename)

cfg, err = config.LoadDefaultConfig(context.TODO(), config.WithSharedConfigProfile(profile), config.WithSharedConfigFiles([]string{filename}))
} else {
var cred aws.CredentialsProvider

if !isNullOrEmpty(accessKey) && !isNullOrEmpty(secretKey) {
glog.Debugf("aws credentials with accesskey: %s, secret: %s", accessKey, secretKey)

cred = credentials.NewStaticCredentialsProvider(accessKey, secretKey, token)
} else {
glog.Debugf("aws credentials with ec2rolecreds")
glog.Debugf("aws credentials with ec2rolecreds")

cred = ec2rolecreds.New()
}

cfg, err = config.LoadDefaultConfig(context.TODO(), config.WithRegion(region), config.WithCredentialsProvider(aws.NewCredentialsCache(cred)))
cfg, err = config.LoadDefaultConfig(context.TODO(), config.WithRegion(region), config.WithCredentialsProvider(aws.NewCredentialsCache(ec2rolecreds.New())))
}

return
}

Check failure on line 100 in providers/aws/instance.go

View workflow job for this annotation

GitHub Actions / Build

missing return

func (status *instanceStatus) Address() string {
Expand Down

0 comments on commit 910a4d8

Please sign in to comment.