The session provider consumes long term credentials
(:access_key_id
and :secret_access_key
) and
requests a session from STS. It then returns
the short term credential set from STS.
Calling {#refresh} causes the session provider to request a new set of credentials.
This session provider is currently only used for DynamoDB which requires session credentials.
@param [Hash] long_term_credentials A hash of credentials with
+:access_key_id+ and +:secret_access_key+ (but not +:session_token+).
# File lib/aws/core/credential_providers.rb, line 353 def for long_term_credentials @create_mutex.synchronize do @session_providers ||= {} @session_providers[long_term_credentials[:access_key_id]] = self.new(long_term_credentials) end end
@param [Hash] long_term_credentials A hash of credentials with
+:access_key_id+ and +:secret_access_key+ (but not +:session_token+).
# File lib/aws/core/credential_providers.rb, line 370 def initialize long_term_credentials @static = StaticProvider.new(long_term_credentials) if @static.session_token raise ArgumentError, 'invalid option :session_token' end @session_mutex = Mutex.new end
Aliasing the refresh method so we can call it from the refresh method defined in this class.
(see AWS::Core::CredentialProviders::Provider#refresh)
# File lib/aws/core/credential_providers.rb, line 384 def refresh refresh_session orig_refresh end
@return [nil,STS::Session] Returns nil if a session has not
already been started.
# File lib/aws/core/credential_providers.rb, line 413 def cached_session local_session = nil @session_mutex.synchronize do local_session = @session end local_session end
(see AWS::Core::CredentialProviders::Provider#get_credentials)
# File lib/aws/core/credential_providers.rb, line 392 def get_credentials session = cached_session if session.nil? refresh_session session = cached_session end session.credentials end
Replaces the cached STS session with a new one. @return [nil]
# File lib/aws/core/credential_providers.rb, line 403 def refresh_session sts = AWS::STS.new(@static.credentials.merge(:use_ssl => true)) @session_mutex.synchronize do @session = sts.new_session end nil end