Skip to content

Commit ddda600

Browse files
committed
new: adding the possibility to use file credential or AWS IAM roles
1 parent 037cd33 commit ddda600

File tree

2 files changed

+31
-10
lines changed

2 files changed

+31
-10
lines changed

README.md

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -83,6 +83,15 @@ config := map[string]string{
8383
}
8484
```
8585

86+
To use [AWS IAM credentials or AWS file](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials), it is possible to set one of the following vars to "`true`": `aws_iam_credentials`, `aws_file`.
87+
It is also possible to specify the IAM endpoint (`aws_file_profile`) or the path of the file to use (`aws_file_profile`), if not specified it will use the default endpoint and file ($HOME/.aws/credentials).
88+
89+
```go
90+
config := map[string]string{
91+
"aws_file_profile": "true",
92+
}
93+
```
94+
8695
An example can be found [here](examples/s3/s3.go).
8796

8897
> :gem: [minio](https://docs.min.io/docs/minio-quickstart-guide.html) can be used for testing purposes

s3.go

Lines changed: 22 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -14,13 +14,18 @@ import (
1414

1515
type objectInfo = minio.ObjectInfo
1616
type s3Configuration struct {
17-
BucketName string `json:"bucket_name"`
18-
Endpoint string `json:"endpoint"`
19-
AccessKey string `json:"access_key"`
20-
SecretAccessKey string `json:"secret_key"`
21-
SessionToken string `json:"token"`
22-
Region string `json:"region"`
23-
SSLEnabled Bool `json:"ssl_enabled"`
17+
BucketName string `json:"bucket_name"`
18+
Endpoint string `json:"endpoint"`
19+
AccessKey string `json:"access_key"`
20+
SecretAccessKey string `json:"secret_key"`
21+
SessionToken string `json:"token"`
22+
Region string `json:"region"`
23+
SSLEnabled Bool `json:"ssl_enabled"`
24+
UseAWSIAMCredentials Bool `json:"aws_iam_credentials"`
25+
AWSIAMEndpoint string `json:"aws_iam_endpoint"`
26+
UseAWSFile Bool `json:"aws_file"`
27+
AWSFileName string `json:"aws_file_name"`
28+
AWSFileProfile string `json:"aws_file_profile"`
2429
}
2530

2631
// S3Watcher is the specialized watcher for Amazon S3 service
@@ -73,10 +78,17 @@ func (u *S3Watcher) SetConfig(m map[string]string) error {
7378
}
7479
u.config = &config
7580

76-
client, err := minio.New(u.config.Endpoint, &minio.Options{
77-
Creds: credentials.NewStaticV4(u.config.AccessKey, u.config.SecretAccessKey, u.config.SessionToken),
81+
options := minio.Options{
7882
Secure: bool(u.config.SSLEnabled),
79-
})
83+
}
84+
85+
if u.config.UseAWSFile {
86+
options.Creds = credentials.NewFileAWSCredentials(u.config.AWSFileName, u.config.AWSFileProfile)
87+
} else if u.config.UseAWSIAMCredentials {
88+
options.Creds = credentials.NewIAM(u.config.AWSIAMEndpoint)
89+
}
90+
91+
client, err := minio.New(u.config.Endpoint, &options)
8092
if err != nil {
8193
return err
8294
}

0 commit comments

Comments
 (0)