new: adding the possibility to use file credential or AWS IAM roles

Matrix86 · Matrix86 · commit ddda60095b1b · 2022-11-09T23:17:15.000+01:00
diff --git a/README.md b/README.md
@@ -83,6 +83,15 @@ config := map[string]string{
 }
 ```
 
+To use [AWS IAM credentials or AWS file](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials), it is possible to set one of the following vars to "`true`": `aws_iam_credentials`, `aws_file`.
+It is also possible to specify the IAM endpoint (`aws_file_profile`) or the path of the file to use (`aws_file_profile`), if not specified it will use the default endpoint and file ($HOME/.aws/credentials).
+
+```go
+config := map[string]string{
+    "aws_file_profile": "true",
+}
+```
+
 An example can be found [here](examples/s3/s3.go).
 
 > :gem: [minio](https://docs.min.io/docs/minio-quickstart-guide.html) can be used for testing purposes
diff --git a/s3.go b/s3.go
@@ -14,13 +14,18 @@ import (
 
 type objectInfo = minio.ObjectInfo
 type s3Configuration struct {
-	BucketName      string `json:"bucket_name"`
-	Endpoint        string `json:"endpoint"`
-	AccessKey       string `json:"access_key"`
-	SecretAccessKey string `json:"secret_key"`
-	SessionToken    string `json:"token"`
-	Region          string `json:"region"`
-	SSLEnabled      Bool   `json:"ssl_enabled"`
+	BucketName           string `json:"bucket_name"`
+	Endpoint             string `json:"endpoint"`
+	AccessKey            string `json:"access_key"`
+	SecretAccessKey      string `json:"secret_key"`
+	SessionToken         string `json:"token"`
+	Region               string `json:"region"`
+	SSLEnabled           Bool   `json:"ssl_enabled"`
+	UseAWSIAMCredentials Bool   `json:"aws_iam_credentials"`
+	AWSIAMEndpoint       string `json:"aws_iam_endpoint"`
+	UseAWSFile           Bool   `json:"aws_file"`
+	AWSFileName          string `json:"aws_file_name"`
+	AWSFileProfile       string `json:"aws_file_profile"`
 }
 
 // S3Watcher is the specialized watcher for Amazon S3 service
@@ -73,10 +78,17 @@ func (u *S3Watcher) SetConfig(m map[string]string) error {
 	}
 	u.config = &config
 
-	client, err := minio.New(u.config.Endpoint, &minio.Options{
-		Creds:  credentials.NewStaticV4(u.config.AccessKey, u.config.SecretAccessKey, u.config.SessionToken),
+	options := minio.Options{
 		Secure: bool(u.config.SSLEnabled),
-	})
+	}
+
+	if u.config.UseAWSFile {
+		options.Creds = credentials.NewFileAWSCredentials(u.config.AWSFileName, u.config.AWSFileProfile)
+	} else if u.config.UseAWSIAMCredentials {
+		options.Creds = credentials.NewIAM(u.config.AWSIAMEndpoint)
+	}
+
+	client, err := minio.New(u.config.Endpoint, &options)
 	if err != nil {
 		return err
 	}
